./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3414706724 <...> Warning: Permanently added '10.128.0.106' (ED25519) to the list of known hosts. execve("./syz-executor3414706724", ["./syz-executor3414706724"], 0x7fff8cc64740 /* 10 vars */) = 0 brk(NULL) = 0x5555645e8000 brk(0x5555645e8d00) = 0x5555645e8d00 arch_prctl(ARCH_SET_FS, 0x5555645e8380) = 0 set_tid_address(0x5555645e8650) = 5088 set_robust_list(0x5555645e8660, 24) = 0 rseq(0x5555645e8ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3414706724", 4096) = 28 getrandom("\xe3\xcf\x22\x79\x4b\x3e\xe3\xd5", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555645e8d00 brk(0x555564609d00) = 0x555564609d00 brk(0x55556460a000) = 0x55556460a000 mprotect(0x7f62293c1000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555645e8650) = 5089 ./strace-static-x86_64: Process 5089 attached [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] set_robust_list(0x5555645e8660, 24) = 0 ./strace-static-x86_64: Process 5090 attached [pid 5088] <... clone resumed>, child_tidptr=0x5555645e8650) = 5090 [pid 5090] set_robust_list(0x5555645e8660, 24 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] mkdir("./syzkaller.TL4f9t", 0700 [pid 5090] <... set_robust_list resumed>) = 0 [pid 5090] mkdir("./syzkaller.Onqobf", 0700 [pid 5089] <... mkdir resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x5555645e8650) = 5091 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached [pid 5091] set_robust_list(0x5555645e8660, 24) = 0 [pid 5091] mkdir("./syzkaller.uiawPm", 0700./strace-static-x86_64: Process 5092 attached [pid 5090] <... mkdir resumed>) = 0 [pid 5089] chmod("./syzkaller.TL4f9t", 0777 [pid 5088] <... clone resumed>, child_tidptr=0x5555645e8650) = 5092 [pid 5091] <... mkdir resumed>) = 0 [pid 5089] <... chmod resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] set_robust_list(0x5555645e8660, 24 [pid 5091] chmod("./syzkaller.uiawPm", 0777 [pid 5090] chmod("./syzkaller.Onqobf", 0777 [pid 5089] chdir("./syzkaller.TL4f9t"./strace-static-x86_64: Process 5094 attached [pid 5092] <... set_robust_list resumed>) = 0 [pid 5091] <... chmod resumed>) = 0 [pid 5090] <... chmod resumed>) = 0 [pid 5088] <... clone resumed>, child_tidptr=0x5555645e8650) = 5094 [pid 5094] set_robust_list(0x5555645e8660, 24 [pid 5092] mkdir("./syzkaller.aUrBHQ", 0700 [pid 5091] chdir("./syzkaller.uiawPm" [pid 5090] chdir("./syzkaller.Onqobf" [pid 5089] <... chdir resumed>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... set_robust_list resumed>) = 0 [pid 5091] <... chdir resumed>) = 0 [pid 5090] <... chdir resumed>) = 0 [pid 5089] mkdir("./0", 0777 [pid 5094] mkdir("./syzkaller.3wdt8y", 0700 [pid 5092] <... mkdir resumed>) = 0 [pid 5091] mkdir("./0", 0777 [pid 5090] mkdir("./0", 0777) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] chmod("./syzkaller.aUrBHQ", 0777 [pid 5091] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5092] <... chmod resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 ./strace-static-x86_64: Process 5095 attached [pid 5094] chmod("./syzkaller.3wdt8y", 0777 [pid 5092] chdir("./syzkaller.aUrBHQ" [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... openat resumed>) = 3 [pid 5088] <... clone resumed>, child_tidptr=0x5555645e8650) = 5095 [pid 5095] set_robust_list(0x5555645e8660, 24 [pid 5094] <... chmod resumed>) = 0 [pid 5092] <... chdir resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5092] mkdir("./0", 0777 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5095] <... set_robust_list resumed>) = 0 [pid 5094] chdir("./syzkaller.3wdt8y" [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5089] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] mkdir("./syzkaller.sNf3D1", 0700 [pid 5094] <... chdir resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5092] <... mkdir resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5094] mkdir("./0", 0777 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] close(3 [pid 5089] close(3 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] chmod("./syzkaller.sNf3D1", 0777 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5091] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5090] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5095] <... chmod resumed>) = 0 [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] chdir("./syzkaller.sNf3D1" [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5095] <... chdir resumed>) = 0 [pid 5092] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5095] mkdir("./0", 0777 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] close(3 [pid 5095] <... mkdir resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5096 attached [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5096 ./strace-static-x86_64: Process 5098 attached [pid 5096] set_robust_list(0x5555645e8660, 24 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5098 ./strace-static-x86_64: Process 5097 attached ./strace-static-x86_64: Process 5099 attached [pid 5098] set_robust_list(0x5555645e8660, 24 [pid 5096] <... set_robust_list resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5097] set_robust_list(0x5555645e8660, 24 [pid 5099] set_robust_list(0x5555645e8660, 24 [pid 5098] <... set_robust_list resumed>) = 0 [pid 5096] chdir("./0" [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5097 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5099 [pid 5097] <... set_robust_list resumed>) = 0 [pid 5099] <... set_robust_list resumed>) = 0 [pid 5098] chdir("./0" [pid 5096] <... chdir resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5097] chdir("./0" [pid 5099] chdir("./0" [pid 5098] <... chdir resumed>) = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] close(3 [pid 5096] <... prctl resumed>) = 0 [pid 5097] <... chdir resumed>) = 0 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5096] setpgid(0, 0 [pid 5094] <... close resumed>) = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5099] <... chdir resumed>) = 0 [pid 5098] <... prctl resumed>) = 0 [pid 5096] <... setpgid resumed>) = 0 [pid 5095] close(3 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5097] <... prctl resumed>) = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5098] setpgid(0, 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... close resumed>) = 0 [pid 5097] setpgid(0, 0 [pid 5099] <... prctl resumed>) = 0 [pid 5098] <... setpgid resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5097] <... setpgid resumed>) = 0 [pid 5099] setpgid(0, 0 [pid 5098] <... openat resumed>) = 3 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5099] <... setpgid resumed>) = 0 [pid 5096] <... openat resumed>) = 3 [pid 5097] <... openat resumed>) = 3 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5100 attached ) = 3 [pid 5098] write(3, "1000", 4 [pid 5096] write(3, "1000", 4./strace-static-x86_64: Process 5101 attached [pid 5100] set_robust_list(0x5555645e8660, 24 [pid 5097] write(3, "1000", 4 [pid 5099] write(3, "1000", 4 [pid 5098] <... write resumed>) = 4 [pid 5096] <... write resumed>) = 4 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5100 [pid 5100] <... set_robust_list resumed>) = 0 [pid 5097] <... write resumed>) = 4 [pid 5099] <... write resumed>) = 4 [pid 5101] set_robust_list(0x5555645e8660, 24 [pid 5098] close(3 [pid 5096] close(3 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5101 [pid 5101] <... set_robust_list resumed>) = 0 [pid 5100] chdir("./0" [pid 5097] close(3 [pid 5099] close(3 [pid 5098] <... close resumed>) = 0 [pid 5096] <... close resumed>) = 0 [pid 5101] chdir("./0" [pid 5100] <... chdir resumed>) = 0 [pid 5097] <... close resumed>) = 0 [pid 5099] <... close resumed>) = 0 [pid 5098] symlink("/dev/binderfs", "./binderfs" [pid 5096] symlink("/dev/binderfs", "./binderfs" [pid 5101] <... chdir resumed>) = 0 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5097] symlink("/dev/binderfs", "./binderfs" [pid 5099] symlink("/dev/binderfs", "./binderfs" [pid 5098] <... symlink resumed>) = 0 [pid 5096] <... symlink resumed>) = 0 [pid 5100] <... prctl resumed>) = 0 [pid 5096] memfd_create("syzkaller", 0 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5100] setpgid(0, 0 [pid 5097] <... symlink resumed>) = 0 [pid 5099] <... symlink resumed>) = 0 [pid 5096] <... memfd_create resumed>) = 3 [pid 5101] setpgid(0, 0 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] <... setpgid resumed>) = 0 [pid 5100] <... setpgid resumed>) = 0 [pid 5097] memfd_create("syzkaller", 0 [pid 5098] memfd_create("syzkaller", 0 [pid 5096] <... mmap resumed>) = 0x7f6220e00000 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5097] <... memfd_create resumed>) = 3 [pid 5099] memfd_create("syzkaller", 0 [pid 5098] <... memfd_create resumed>) = 3 [pid 5101] <... openat resumed>) = 3 [pid 5100] <... openat resumed>) = 3 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5099] <... memfd_create resumed>) = 3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5097] <... mmap resumed>) = 0x7f6220e00000 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] write(3, "1000", 4 [pid 5100] write(3, "1000", 4 [pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5099] <... mmap resumed>) = 0x7f6220e00000 [pid 5098] <... mmap resumed>) = 0x7f6220e00000 [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5101] <... write resumed>) = 4 [pid 5100] <... write resumed>) = 4 [pid 5100] close(3 [pid 5101] close(3) = 0 [pid 5100] <... close resumed>) = 0 [pid 5101] symlink("/dev/binderfs", "./binderfs" [pid 5100] symlink("/dev/binderfs", "./binderfs" [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5101] <... symlink resumed>) = 0 [pid 5100] <... symlink resumed>) = 0 [pid 5101] memfd_create("syzkaller", 0) = 3 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5097] <... write resumed>) = 524288 [pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5100] memfd_create("syzkaller", 0 [pid 5098] <... write resumed>) = 524288 [pid 5096] <... write resumed>) = 524288 [pid 5100] <... memfd_create resumed>) = 3 [pid 5096] munmap(0x7f6220e00000, 138412032 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5097] munmap(0x7f6220e00000, 138412032 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5098] munmap(0x7f6220e00000, 138412032 [pid 5096] <... munmap resumed>) = 0 [pid 5099] <... write resumed>) = 524288 [pid 5097] <... munmap resumed>) = 0 [pid 5101] <... write resumed>) = 524288 [pid 5099] munmap(0x7f6220e00000, 138412032 [pid 5096] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5097] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5098] <... munmap resumed>) = 0 [pid 5101] munmap(0x7f6220e00000, 138412032 [pid 5100] <... write resumed>) = 524288 [pid 5099] <... munmap resumed>) = 0 [pid 5096] <... openat resumed>) = 4 [pid 5100] munmap(0x7f6220e00000, 138412032 [pid 5097] <... openat resumed>) = 4 [pid 5099] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5096] ioctl(4, LOOP_SET_FD, 3 [pid 5101] <... munmap resumed>) = 0 [pid 5100] <... munmap resumed>) = 0 [pid 5097] ioctl(4, LOOP_SET_FD, 3 [pid 5099] <... openat resumed>) = 4 [pid 5098] <... openat resumed>) = 4 [pid 5100] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5099] ioctl(4, LOOP_SET_FD, 3 [pid 5100] <... openat resumed>) = 4 [pid 5098] ioctl(4, LOOP_SET_FD, 3 [pid 5100] ioctl(4, LOOP_SET_FD, 3 [pid 5101] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5100] <... ioctl resumed>) = 0 [pid 5097] <... ioctl resumed>) = 0 [pid 5097] close(3) = 0 [pid 5101] <... openat resumed>) = 4 [pid 5101] ioctl(4, LOOP_SET_FD, 3 [pid 5097] close(4) = 0 [pid 5097] mkdir("./bus", 0777 [pid 5100] close(3) = 0 [pid 5096] <... ioctl resumed>) = 0 [pid 5096] close(3 [pid 5100] close(4 [pid 5096] <... close resumed>) = 0 [pid 5100] <... close resumed>) = 0 [pid 5096] close(4 [pid 5100] mkdir("./bus", 0777) = 0 [pid 5097] <... mkdir resumed>) = 0 [pid 5098] <... ioctl resumed>) = 0 [pid 5096] <... close resumed>) = 0 [pid 5101] <... ioctl resumed>) = 0 [pid 5100] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5096] mkdir("./bus", 0777 [pid 5101] close(3 [pid 5097] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5098] close(3 [pid 5096] <... mkdir resumed>) = 0 [pid 5101] <... close resumed>) = 0 [pid 5098] <... close resumed>) = 0 [pid 5096] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5101] close(4 [pid 5098] close(4 [pid 5101] <... close resumed>) = 0 [pid 5098] <... close resumed>) = 0 [pid 5101] mkdir("./bus", 0777) = 0 [ 111.750613][ T5096] loop2: detected capacity change from 0 to 1024 [ 111.760211][ T5097] loop3: detected capacity change from 0 to 1024 [ 111.760566][ T5099] loop1: detected capacity change from 0 to 1024 [ 111.775894][ T5098] loop0: detected capacity change from 0 to 1024 [ 111.775904][ T5100] loop4: detected capacity change from 0 to 1024 [ 111.791960][ T5101] loop5: detected capacity change from 0 to 1024 [pid 5101] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5098] mkdir("./bus", 0777 [pid 5099] <... ioctl resumed>) = 0 [pid 5099] close(3) = 0 [pid 5099] close(4 [pid 5098] <... mkdir resumed>) = 0 [pid 5099] <... close resumed>) = 0 [pid 5098] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5099] mkdir("./bus", 0777) = 0 [pid 5101] <... mount resumed>) = 0 [pid 5100] <... mount resumed>) = 0 [pid 5097] <... mount resumed>) = 0 [pid 5099] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5096] <... mount resumed>) = 0 [pid 5101] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5100] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5097] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5096] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5101] <... openat resumed>) = 3 [pid 5101] chdir("./bus" [pid 5100] <... openat resumed>) = 3 [pid 5096] <... openat resumed>) = 3 [pid 5101] <... chdir resumed>) = 0 [pid 5100] chdir("./bus" [pid 5097] <... openat resumed>) = 3 [pid 5096] chdir("./bus" [pid 5101] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5100] <... chdir resumed>) = 0 [pid 5096] <... chdir resumed>) = 0 [pid 5101] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5101] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5100] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5097] chdir("./bus" [pid 5096] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5100] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5097] <... chdir resumed>) = 0 [pid 5096] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5100] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5097] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5096] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5097] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5101] <... symlink resumed>) = 0 [pid 5097] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5096] <... symlink resumed>) = 0 [pid 5101] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5099] <... mount resumed>) = 0 [pid 5099] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5099] chdir("./bus" [pid 5096] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5100] <... symlink resumed>) = 0 [pid 5098] <... mount resumed>) = 0 [pid 5099] <... chdir resumed>) = 0 [pid 5099] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5100] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5099] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5099] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5098] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5098] chdir("./bus" [pid 5097] <... symlink resumed>) = 0 [pid 5099] <... symlink resumed>) = 0 [pid 5098] <... chdir resumed>) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5100] <... creat resumed>) = 4 [pid 5097] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5098] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5099] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5100] rename("./bus", "./file2" [pid 5098] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5096] <... creat resumed>) = 4 [pid 5101] <... creat resumed>) = 4 [pid 5096] rename("./bus", "./file2" [pid 5101] rename("./bus", "./file2" [pid 5097] <... creat resumed>) = 4 [pid 5098] <... symlink resumed>) = 0 [pid 5096] <... rename resumed>) = -1 EEXIST (File exists) [pid 5101] <... rename resumed>) = -1 EEXIST (File exists) [pid 5100] <... rename resumed>) = -1 EEXIST (File exists) [pid 5097] rename("./bus", "./file2" [pid 5099] <... creat resumed>) = 4 [pid 5098] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5096] memfd_create("syzkaller", 0 [pid 5101] memfd_create("syzkaller", 0 [pid 5100] memfd_create("syzkaller", 0 [pid 5099] rename("./bus", "./file2" [pid 5096] <... memfd_create resumed>) = 5 [pid 5101] <... memfd_create resumed>) = 5 [pid 5100] <... memfd_create resumed>) = 5 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] <... mmap resumed>) = 0x7f6220e00000 [pid 5100] <... mmap resumed>) = 0x7f6220e00000 [pid 5097] <... rename resumed>) = -1 EEXIST (File exists) [pid 5099] <... rename resumed>) = -1 EEXIST (File exists) [pid 5096] <... mmap resumed>) = 0x7f6220e00000 [pid 5101] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5100] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5099] memfd_create("syzkaller", 0 [pid 5098] <... creat resumed>) = 4 [pid 5097] memfd_create("syzkaller", 0 [pid 5099] <... memfd_create resumed>) = 5 [pid 5098] rename("./bus", "./file2" [pid 5097] <... memfd_create resumed>) = 5 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5099] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5098] <... rename resumed>) = -1 EEXIST (File exists) [pid 5097] <... mmap resumed>) = 0x7f6220e00000 [pid 5098] memfd_create("syzkaller", 0 [pid 5096] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5101] <... write resumed>) = 524288 [pid 5100] <... write resumed>) = 524288 [pid 5097] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5098] <... memfd_create resumed>) = 5 [pid 5099] <... write resumed>) = 524288 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5096] <... write resumed>) = 524288 [pid 5101] munmap(0x7f6220e00000, 138412032 [pid 5100] munmap(0x7f6220e00000, 138412032 [pid 5099] munmap(0x7f6220e00000, 138412032 [pid 5098] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5096] munmap(0x7f6220e00000, 138412032 [pid 5101] <... munmap resumed>) = 0 [pid 5099] <... munmap resumed>) = 0 [pid 5101] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5100] <... munmap resumed>) = 0 [pid 5099] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5096] <... munmap resumed>) = 0 [pid 5101] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5101] close(5 [pid 5100] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5099] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5096] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5100] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5096] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5100] close(5 [pid 5099] close(5 [pid 5096] close(5 [pid 5100] <... close resumed>) = 0 [pid 5096] <... close resumed>) = 0 [pid 5101] <... close resumed>) = 0 [pid 5097] <... write resumed>) = 524288 [pid 5099] <... close resumed>) = 0 [pid 5098] <... write resumed>) = 524288 [pid 5097] munmap(0x7f6220e00000, 138412032) = 0 [pid 5097] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5098] munmap(0x7f6220e00000, 138412032 [pid 5097] close(5 [pid 5100] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5097] <... close resumed>) = 0 [pid 5098] <... munmap resumed>) = 0 [pid 5101] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5096] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5098] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5099] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5098] close(5 [pid 5096] <... open resumed>) = 5 [pid 5101] <... open resumed>) = 5 [pid 5098] <... close resumed>) = 0 [pid 5101] ftruncate(5, 0 [pid 5100] <... open resumed>) = 5 [pid 5097] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5099] <... open resumed>) = 5 [pid 5099] ftruncate(5, 0 [pid 5098] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5096] ftruncate(5, 0 [pid 5100] ftruncate(5, 0 [pid 5099] <... ftruncate resumed>) = 0 [pid 5096] <... ftruncate resumed>) = 0 [pid 5097] <... open resumed>) = 5 [pid 5101] <... ftruncate resumed>) = 0 [pid 5100] <... ftruncate resumed>) = 0 [pid 5097] ftruncate(5, 0 [pid 5096] exit_group(0 [pid 5097] <... ftruncate resumed>) = 0 [pid 5099] exit_group(0 [pid 5096] <... exit_group resumed>) = ? [pid 5101] exit_group(0 [pid 5096] +++ exited with 0 +++ [pid 5101] <... exit_group resumed>) = ? [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5091] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5099] <... exit_group resumed>) = ? [pid 5091] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5100] exit_group(0 [pid 5091] <... openat resumed>) = 3 [pid 5100] <... exit_group resumed>) = ? [pid 5097] exit_group(0 [ 112.074924][ T28] audit: type=1800 audit(1713724082.418:2): pid=5096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop2" ino=20 res=0 errno=0 [pid 5091] newfstatat(3, "", [pid 5100] +++ exited with 0 +++ [pid 5097] <... exit_group resumed>) = ? [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5099] +++ exited with 0 +++ [pid 5091] getdents64(3, [pid 5094] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5098] <... open resumed>) = 5 [pid 5094] <... openat resumed>) = 3 [pid 5091] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] newfstatat(3, "", [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5097] +++ exited with 0 +++ [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5094] getdents64(3, [pid 5092] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5101] +++ exited with 0 +++ [pid 5098] ftruncate(5, 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(3, "", [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5098] <... ftruncate resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5098] exit_group(0 [pid 5092] <... openat resumed>) = 3 [pid 5090] getdents64(3, [pid 5092] newfstatat(3, "", [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5098] <... exit_group resumed>) = ? [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5098] +++ exited with 0 +++ [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] getdents64(3, [pid 5095] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5095] <... openat resumed>) = 3 [pid 5092] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(3, [pid 5089] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 5095] <... umount2 resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5091] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] getdents64(3, [pid 5091] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [ 112.190814][ T28] audit: type=1800 audit(1713724082.418:3): pid=5101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop5" ino=20 res=0 errno=0 [pid 5091] rmdir("./0/bus") = 0 [pid 5095] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] newfstatat(AT_FDCWD, "./0/bus", [pid 5094] newfstatat(AT_FDCWD, "./0/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5095] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./0/bus", [pid 5095] <... openat resumed>) = 4 [pid 5094] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] newfstatat(4, "", [pid 5094] <... openat resumed>) = 4 [pid 5092] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] newfstatat(4, "", [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... umount2 resumed>) = 0 [pid 5095] getdents64(4, [pid 5094] getdents64(4, [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] <... openat resumed>) = 4 [pid 5090] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] close(4 [pid 5094] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] close(4 [pid 5095] rmdir("./0/bus" [pid 5094] <... close resumed>) = 0 [pid 5092] newfstatat(4, "", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./0/bus", [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] rmdir("./0/bus" [pid 5092] getdents64(4, [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] unlink("./0/binderfs" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... rmdir resumed>) = 0 [pid 5092] getdents64(4, [pid 5091] <... unlink resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5092] close(4 [pid 5090] newfstatat(4, "", [pid 5092] <... close resumed>) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] rmdir("./0/bus" [pid 5090] getdents64(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5091] getdents64(3, [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [ 112.238798][ T28] audit: type=1800 audit(1713724082.448:4): pid=5099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop1" ino=20 res=0 errno=0 [pid 5090] getdents64(4, [pid 5091] close(3 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] close(4 [pid 5091] rmdir("./0" [pid 5090] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5094] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5091] <... rmdir resumed>) = 0 [pid 5090] rmdir("./0/bus" [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... rmdir resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] mkdir("./1", 0777 [pid 5090] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5091] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] unlink("./0/binderfs" [pid 5094] unlink("./0/binderfs" [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5092] unlink("./0/binderfs" [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... openat resumed>) = 3 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] getdents64(3, [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] unlink("./0/binderfs" [pid 5095] <... unlink resumed>) = 0 [pid 5094] getdents64(3, [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] <... ioctl resumed>) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5092] close(3 [pid 5091] close(3 [pid 5090] getdents64(3, [pid 5092] <... close resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] rmdir("./0" [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] close(3 [pid 5095] getdents64(3, [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5089] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] close(3 [pid 5090] rmdir("./0" [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] close(3 [pid 5094] <... close resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./0/bus", [pid 5095] <... close resumed>) = 0 [pid 5094] rmdir("./0" [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5105 [pid 5090] mkdir("./1", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] rmdir("./0") = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5089] umount2("./0/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5105 attached [pid 5095] mkdir("./1", 0777 [pid 5094] mkdir("./1", 0777 [pid 5092] mkdir("./1", 0777 [pid 5090] <... mkdir resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5105] set_robust_list(0x5555645e8660, 24) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./0/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 112.305200][ T28] audit: type=1800 audit(1713724082.448:5): pid=5100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop4" ino=20 res=0 errno=0 [pid 5105] chdir("./1") = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... mkdir resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... openat resumed>) = 3 [pid 5089] newfstatat(4, "", [pid 5105] <... prctl resumed>) = 0 [pid 5105] setpgid(0, 0) = 0 [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] <... ioctl resumed>) = 0 [pid 5105] <... openat resumed>) = 3 [pid 5095] close(3 [pid 5094] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] getdents64(4, [pid 5105] write(3, "1000", 4 [pid 5095] <... close resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5105] <... write resumed>) = 4 [pid 5105] close(3) = 0 [pid 5105] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... ioctl resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5105] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5107 attached ) = 3 [pid 5092] close(3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5089] getdents64(4, [pid 5107] set_robust_list(0x5555645e8660, 24 [pid 5092] <... close resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5107 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5107] <... set_robust_list resumed>) = 0 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] close(3 [pid 5089] close(4 [pid 5105] <... mmap resumed>) = 0x7f6220e00000 [pid 5090] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] rmdir("./0/bus" [pid 5107] chdir("./1" [pid 5089] <... rmdir resumed>) = 0 [pid 5107] <... chdir resumed>) = 0 [pid 5089] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5107] <... prctl resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5108 attached [pid 5107] setpgid(0, 0 [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5108 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5109 [pid 5089] unlink("./0/binderfs" [pid 5108] set_robust_list(0x5555645e8660, 24 [pid 5107] <... setpgid resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5108] <... set_robust_list resumed>) = 0 [ 112.394743][ T28] audit: type=1800 audit(1713724082.448:6): pid=5097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop3" ino=20 res=0 errno=0 [pid 5089] getdents64(3, [pid 5108] chdir("./1" [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5109 attached [pid 5109] set_robust_list(0x5555645e8660, 24) = 0 [pid 5109] chdir("./1") = 0 [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5109] setpgid(0, 0) = 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5108] <... chdir resumed>) = 0 [pid 5109] write(3, "1000", 4 [pid 5107] <... openat resumed>) = 3 [pid 5105] <... write resumed>) = 524288 [pid 5089] close(3 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5107] write(3, "1000", 4 [pid 5108] <... prctl resumed>) = 0 [pid 5107] <... write resumed>) = 4 [pid 5089] <... close resumed>) = 0 [pid 5108] setpgid(0, 0 [pid 5089] rmdir("./0" [pid 5108] <... setpgid resumed>) = 0 [pid 5107] close(3 [pid 5109] <... write resumed>) = 4 [pid 5109] close(3 [pid 5089] <... rmdir resumed>) = 0 [pid 5109] <... close resumed>) = 0 [pid 5105] munmap(0x7f6220e00000, 138412032 [pid 5089] mkdir("./1", 0777 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5109] symlink("/dev/binderfs", "./binderfs" [pid 5107] <... close resumed>) = 0 [pid 5105] <... munmap resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5109] <... symlink resumed>) = 0 [pid 5107] symlink("/dev/binderfs", "./binderfs" [pid 5094] close(3 [pid 5109] memfd_create("syzkaller", 0 [pid 5107] <... symlink resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5109] <... memfd_create resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5107] memfd_create("syzkaller", 0 [pid 5105] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... openat resumed>) = 3 [ 112.441909][ T5102] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [pid 5109] <... mmap resumed>) = 0x7f6220e00000 [pid 5105] <... openat resumed>) = 4 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5108] <... openat resumed>) = 3 [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5105] ioctl(4, LOOP_SET_FD, 3 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5105] <... ioctl resumed>) = 0 [pid 5108] write(3, "1000", 4 [pid 5107] <... memfd_create resumed>) = 3 [pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5110 [pid 5108] <... write resumed>) = 4 [pid 5108] close(3./strace-static-x86_64: Process 5110 attached ) = 0 [pid 5107] <... mmap resumed>) = 0x7f6220e00000 [pid 5110] set_robust_list(0x5555645e8660, 24 [pid 5108] symlink("/dev/binderfs", "./binderfs" [pid 5110] <... set_robust_list resumed>) = 0 [pid 5108] <... symlink resumed>) = 0 [pid 5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5105] close(3) = 0 [pid 5110] chdir("./1") = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5110] setpgid(0, 0) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5110] write(3, "1000", 4) = 4 [pid 5110] close(3) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5105] close(4 [pid 5110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5110] memfd_create("syzkaller", 0) = 3 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [ 112.497569][ T5105] loop2: detected capacity change from 0 to 1024 [ 112.510719][ T28] audit: type=1800 audit(1713724082.478:7): pid=5098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop0" ino=20 res=0 errno=0 [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5108] memfd_create("syzkaller", 0 [pid 5105] <... close resumed>) = 0 [pid 5105] mkdir("./bus", 0777 [pid 5109] <... write resumed>) = 524288 [pid 5108] <... memfd_create resumed>) = 3 [pid 5109] munmap(0x7f6220e00000, 138412032 [pid 5107] <... write resumed>) = 524288 [pid 5105] <... mkdir resumed>) = 0 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] <... munmap resumed>) = 0 [pid 5108] <... mmap resumed>) = 0x7f6220e00000 [pid 5109] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5110] <... write resumed>) = 524288 [pid 5109] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5109] ioctl(4, LOOP_CLR_FD) = 0 [pid 5109] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5105] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5109] close(4) = 0 [pid 5109] close(3 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5107] munmap(0x7f6220e00000, 138412032 [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5111 ./strace-static-x86_64: Process 5111 attached [pid 5111] set_robust_list(0x5555645e8660, 24 [pid 5109] <... close resumed>) = 0 [pid 5111] <... set_robust_list resumed>) = 0 [pid 5110] munmap(0x7f6220e00000, 138412032 [pid 5109] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5110] <... munmap resumed>) = 0 [pid 5109] <... symlink resumed>) = 0 [pid 5107] <... munmap resumed>) = 0 [pid 5111] chdir("./1") = 0 [pid 5110] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5110] <... openat resumed>) = 4 [pid 5111] <... prctl resumed>) = 0 [pid 5110] ioctl(4, LOOP_SET_FD, 3 [pid 5111] setpgid(0, 0) = 0 [pid 5109] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5107] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5107] <... openat resumed>) = 4 [pid 5105] <... mount resumed>) = 0 [pid 5111] <... openat resumed>) = 3 [pid 5109] <... creat resumed>) = 3 [pid 5105] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5109] rename("./bus", "./file2" [pid 5105] chdir("./bus" [pid 5111] write(3, "1000", 4 [pid 5107] ioctl(4, LOOP_SET_FD, 3 [pid 5105] <... chdir resumed>) = 0 [pid 5111] <... write resumed>) = 4 [pid 5105] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5111] close(3 [pid 5105] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5111] <... close resumed>) = 0 [pid 5105] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5111] symlink("/dev/binderfs", "./binderfs" [pid 5109] <... rename resumed>) = 0 [pid 5105] <... symlink resumed>) = 0 [pid 5111] <... symlink resumed>) = 0 [pid 5110] <... ioctl resumed>) = 0 [pid 5109] memfd_create("syzkaller", 0 [pid 5110] close(3 [pid 5108] <... write resumed>) = 524288 [pid 5109] <... memfd_create resumed>) = 4 [pid 5110] <... close resumed>) = 0 [pid 5108] munmap(0x7f6220e00000, 138412032 [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5110] close(4 [pid 5109] <... mmap resumed>) = 0x7f6220e00000 [pid 5111] memfd_create("syzkaller", 0 [pid 5110] <... close resumed>) = 0 [pid 5108] <... munmap resumed>) = 0 [pid 5109] write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5105] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5110] mkdir("./bus", 0777) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5111] <... memfd_create resumed>) = 3 [pid 5110] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5108] <... openat resumed>) = 4 [pid 5105] <... creat resumed>) = 4 [ 112.650071][ T5110] loop4: detected capacity change from 0 to 1024 [ 112.678089][ T5107] loop5: detected capacity change from 0 to 1024 [pid 5108] ioctl(4, LOOP_SET_FD, 3 [pid 5107] <... ioctl resumed>) = 0 [pid 5105] rename("./bus", "./file2" [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5110] <... mount resumed>) = 0 [pid 5107] close(3 [pid 5105] <... rename resumed>) = -1 EEXIST (File exists) [pid 5111] <... mmap resumed>) = 0x7f6220e00000 [pid 5110] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5108] <... ioctl resumed>) = 0 [pid 5107] <... close resumed>) = 0 [pid 5105] memfd_create("syzkaller", 0 [pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5110] <... openat resumed>) = 3 [pid 5108] close(3 [pid 5107] close(4 [pid 5105] <... memfd_create resumed>) = 5 [pid 5107] <... close resumed>) = 0 [pid 5108] <... close resumed>) = 0 [pid 5108] close(4 [pid 5110] chdir("./bus" [pid 5108] <... close resumed>) = 0 [pid 5107] mkdir("./bus", 0777 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5108] mkdir("./bus", 0777 [pid 5110] <... chdir resumed>) = 0 [pid 5105] <... mmap resumed>) = 0x7f6220e00000 [ 112.713335][ T5108] loop3: detected capacity change from 0 to 1024 [pid 5110] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5108] <... mkdir resumed>) = 0 [pid 5107] <... mkdir resumed>) = 0 [pid 5110] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5110] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0 [pid 5110] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5108] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5105] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5109] <... write resumed>) = 524288 [pid 5107] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5111] <... write resumed>) = 524288 [pid 5108] <... mount resumed>) = 0 [pid 5109] munmap(0x7f6220e00000, 138412032 [pid 5107] <... mount resumed>) = 0 [pid 5108] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5110] <... creat resumed>) = 4 [pid 5108] <... openat resumed>) = 3 [pid 5109] <... munmap resumed>) = 0 [pid 5107] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5105] <... write resumed>) = 524288 [pid 5110] rename("./bus", "./file2" [pid 5109] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5108] chdir("./bus") = 0 [pid 5109] <... openat resumed>) = 5 [pid 5107] <... openat resumed>) = 3 [pid 5108] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5111] munmap(0x7f6220e00000, 138412032 [pid 5108] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5109] ioctl(5, LOOP_SET_FD, 4 [pid 5107] chdir("./bus" [pid 5108] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5107] <... chdir resumed>) = 0 [pid 5107] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5110] <... rename resumed>) = -1 EEXIST (File exists) [pid 5108] <... symlink resumed>) = 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5107] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5105] munmap(0x7f6220e00000, 138412032 [pid 5108] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5107] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5110] memfd_create("syzkaller", 0 [pid 5109] close(4 [pid 5105] <... munmap resumed>) = 0 [pid 5110] <... memfd_create resumed>) = 5 [pid 5109] <... close resumed>) = 0 [pid 5105] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] close(5 [pid 5110] <... mmap resumed>) = 0x7f6220e00000 [pid 5109] <... close resumed>) = 0 [pid 5105] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5110] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5109] mkdir("./file1", 0777 [pid 5107] <... symlink resumed>) = 0 [pid 5105] close(5 [pid 5111] <... munmap resumed>) = 0 [pid 5108] <... creat resumed>) = 4 [pid 5109] <... mkdir resumed>) = 0 [pid 5107] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5109] mount("/dev/loop1", "./file1", "hfsplus", MS_NOATIME|MS_SILENT|MS_STRICTATIME, "" [pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDWR [ 112.829781][ T5109] loop1: detected capacity change from 0 to 1024 [pid 5108] rename("./bus", "./file2" [pid 5111] <... openat resumed>) = 4 [pid 5108] <... rename resumed>) = -1 EEXIST (File exists) [pid 5111] ioctl(4, LOOP_SET_FD, 3 [pid 5105] <... close resumed>) = 0 [pid 5108] memfd_create("syzkaller", 0) = 5 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5107] <... creat resumed>) = 4 [pid 5108] <... mmap resumed>) = 0x7f6220e00000 [pid 5107] rename("./bus", "./file2" [pid 5105] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5107] <... rename resumed>) = -1 EEXIST (File exists) [pid 5107] memfd_create("syzkaller", 0 [pid 5110] <... write resumed>) = 524288 [pid 5109] <... mount resumed>) = 0 [pid 5107] <... memfd_create resumed>) = 5 [ 112.897453][ T5111] loop0: detected capacity change from 0 to 1024 [pid 5110] munmap(0x7f6220e00000, 138412032 [pid 5108] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5109] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5105] <... open resumed>) = 5 [pid 5111] <... ioctl resumed>) = 0 [pid 5110] <... munmap resumed>) = 0 [pid 5111] close(3 [pid 5109] <... openat resumed>) = 4 [pid 5107] <... mmap resumed>) = 0x7f6220e00000 [pid 5111] <... close resumed>) = 0 [pid 5110] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5109] chdir("./file1" [pid 5105] ftruncate(5, 0 [pid 5111] close(4 [pid 5110] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5109] <... chdir resumed>) = 0 [pid 5105] <... ftruncate resumed>) = 0 [pid 5111] <... close resumed>) = 0 [pid 5110] close(5 [pid 5109] openat(AT_FDCWD, "/dev/loop1", O_RDWR [ 112.939194][ T28] audit: type=1800 audit(1713724083.288:8): pid=5105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop2" ino=20 res=0 errno=0 [pid 5105] exit_group(0 [pid 5111] mkdir("./bus", 0777 [pid 5110] <... close resumed>) = 0 [pid 5109] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5107] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5105] <... exit_group resumed>) = ? [pid 5111] <... mkdir resumed>) = 0 [pid 5108] <... write resumed>) = 524288 [pid 5109] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5105] +++ exited with 0 +++ [pid 5110] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5111] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5110] <... open resumed>) = 5 [pid 5108] munmap(0x7f6220e00000, 138412032 [pid 5109] <... open resumed>) = 5 [pid 5107] <... write resumed>) = 524288 [pid 5109] ftruncate(5, 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5110] ftruncate(5, 0 [pid 5108] <... munmap resumed>) = 0 [pid 5107] munmap(0x7f6220e00000, 138412032 [pid 5091] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5108] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 113.059023][ T5109] [ 113.062117][ T5109] ====================================================== [ 113.069150][ T5109] WARNING: possible circular locking dependency detected [ 113.076181][ T5109] 6.9.0-rc4-syzkaller-00266-g977b1ef51866 #0 Not tainted [ 113.083219][ T5109] ------------------------------------------------------ [ 113.090262][ T5109] syz-executor341/5109 is trying to acquire lock: [ 113.096693][ T5109] ffff8880297a20b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x886/0x9e0 [ 113.106638][ T5109] [ 113.106638][ T5109] but task is already holding lock: [ 113.106896][ T28] audit: type=1800 audit(1713724083.398:9): pid=5109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 113.113991][ T5109] ffff888023c5f3c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x204/0x9e0 [ 113.145854][ T5109] [ 113.145854][ T5109] which lock already depends on the new lock. [ 113.145854][ T5109] [ 113.156273][ T5109] [pid 5110] <... ftruncate resumed>) = 0 [pid 5108] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 113.156273][ T5109] the existing dependency chain (in reverse order) is: [ 113.165300][ T5109] [ 113.165300][ T5109] -> #1 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}: [ 113.166145][ T28] audit: type=1800 audit(1713724083.398:10): pid=5110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 113.174365][ T5109] __mutex_lock+0x175/0x9c0 [ 113.200181][ T5109] hfsplus_file_extend+0x1c1/0x1090 [pid 5107] <... munmap resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5108] close(5 [pid 5107] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] <... openat resumed>) = 3 [pid 5091] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5091] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5107] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5107] close(5 [pid 5108] <... close resumed>) = 0 [pid 5107] <... close resumed>) = 0 [pid 5108] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [ 113.205963][ T5109] hfsplus_bmap_reserve+0x31c/0x410 [ 113.211752][ T5109] hfsplus_rename_cat+0x2b1/0x1240 [ 113.217445][ T5109] hfsplus_rename+0x118/0x200 [ 113.222795][ T5109] vfs_rename+0xf87/0x20a0 [ 113.227796][ T5109] do_renameat2+0xc54/0xdc0 [ 113.232879][ T5109] __x64_sys_rename+0x81/0xa0 [ 113.238146][ T5109] do_syscall_64+0xcf/0x260 [ 113.243212][ T5109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.249693][ T5109] [ 113.249693][ T5109] -> #0 (&tree->tree_lock){+.+.}-{3:3}: [ 113.257461][ T5109] __lock_acquire+0x2478/0x3b30 [ 113.262858][ T5109] lock_acquire+0x1b1/0x560 [ 113.267906][ T5109] __mutex_lock+0x175/0x9c0 [ 113.272968][ T5109] hfsplus_file_truncate+0x886/0x9e0 [ 113.278815][ T5109] hfsplus_setattr+0x1eb/0x310 [ 113.284128][ T5109] notify_change+0x745/0x11c0 [ 113.289362][ T5109] do_truncate+0x15c/0x220 [ 113.294328][ T5109] do_ftruncate+0x5e5/0x720 [ 113.299391][ T5109] __x64_sys_ftruncate+0xa9/0x110 [ 113.304965][ T5109] do_syscall_64+0xcf/0x260 [ 113.310008][ T5109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.316466][ T5109] [ 113.316466][ T5109] other info that might help us debug this: [ 113.316466][ T5109] [ 113.326697][ T5109] Possible unsafe locking scenario: [ 113.326697][ T5109] [ 113.334151][ T5109] CPU0 CPU1 [ 113.339525][ T5109] ---- ---- [ 113.344895][ T5109] lock(&HFSPLUS_I(inode)->extents_lock); [ 113.350719][ T5109] lock(&tree->tree_lock); [ 113.357792][ T5109] lock(&HFSPLUS_I(inode)->extents_lock); [ 113.366156][ T5109] lock(&tree->tree_lock); [ 113.370702][ T5109] [ 113.370702][ T5109] *** DEADLOCK *** [ 113.370702][ T5109] [ 113.378849][ T5109] 3 locks held by syz-executor341/5109: [ 113.384403][ T5109] #0: ffff888029716420 (sb_writers#9){.+.+}-{0:0}, at: __x64_sys_ftruncate+0xa9/0x110 [ 113.394158][ T5109] #1: ffff888023c5f5c0 (&sb->s_type->i_mutex_key#15){+.+.}-{3:3}, at: do_truncate+0x14b/0x220 [ 113.404588][ T5109] #2: ffff888023c5f3c8 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x204/0x9e0 [ 113.416231][ T5109] [ 113.416231][ T5109] stack backtrace: [ 113.422214][ T5109] CPU: 1 PID: 5109 Comm: syz-executor341 Not tainted 6.9.0-rc4-syzkaller-00266-g977b1ef51866 #0 [ 113.432648][ T5109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 113.442743][ T5109] Call Trace: [ 113.446038][ T5109] [ 113.448983][ T5109] dump_stack_lvl+0x116/0x1f0 [ 113.453718][ T5109] check_noncircular+0x31a/0x400 [ 113.458694][ T5109] ? __pfx_check_noncircular+0x10/0x10 [ 113.464266][ T5109] ? register_lock_class+0xb1/0x1230 [ 113.469590][ T5109] ? __pfx_lock_release+0x10/0x10 [ 113.474640][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.480304][ T5109] ? lockdep_lock+0xc6/0x200 [ 113.485020][ T5109] ? __pfx_lockdep_lock+0x10/0x10 [ 113.490091][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.495752][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.501414][ T5109] __lock_acquire+0x2478/0x3b30 [ 113.506307][ T5109] ? __pfx___lock_acquire+0x10/0x10 [ 113.511632][ T5109] ? mark_lock+0xb5/0xc60 [ 113.515983][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.521644][ T5109] ? find_held_lock+0x2d/0x110 [ 113.526449][ T5109] lock_acquire+0x1b1/0x560 [ 113.530977][ T5109] ? hfsplus_file_truncate+0x886/0x9e0 [ 113.536486][ T5109] ? __pfx_lock_acquire+0x10/0x10 [ 113.541546][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.547206][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.552867][ T5109] ? __mutex_unlock_slowpath+0x164/0x650 [ 113.558539][ T5109] ? __pfx___might_resched+0x10/0x10 [ 113.563855][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.569519][ T5109] __mutex_lock+0x175/0x9c0 [ 113.574061][ T5109] ? hfsplus_file_truncate+0x886/0x9e0 [ 113.579562][ T5109] ? hfsplus_file_truncate+0x886/0x9e0 [ 113.585072][ T5109] ? _raw_spin_unlock+0x28/0x50 [ 113.589959][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.595620][ T5109] ? __pfx___mutex_lock+0x10/0x10 [ 113.600684][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.606354][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.612018][ T5109] ? hfsplus_file_truncate+0x886/0x9e0 [ 113.617518][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.623175][ T5109] hfsplus_file_truncate+0x886/0x9e0 [ 113.628587][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.634248][ T5109] ? __up_read+0x1fb/0x760 [ 113.638736][ T5109] ? __pfx_hfsplus_file_truncate+0x10/0x10 [ 113.644611][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.650284][ T5109] ? inode_newsize_ok+0x13b/0x200 [ 113.655351][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.661023][ T5109] hfsplus_setattr+0x1eb/0x310 [ 113.665831][ T5109] ? __pfx_hfsplus_setattr+0x10/0x10 [ 113.671156][ T5109] notify_change+0x745/0x11c0 [ 113.675883][ T5109] do_truncate+0x15c/0x220 [ 113.680330][ T5109] ? __pfx_do_truncate+0x10/0x10 [ 113.685295][ T5109] ? srso_alias_return_thunk+0x5/0xfbef5 [ 113.690958][ T5109] ? common_perm_cond+0x242/0x560 [ 113.696023][ T5109] do_ftruncate+0x5e5/0x720 [ 113.700561][ T5109] __x64_sys_ftruncate+0xa9/0x110 [ 113.705619][ T5109] do_syscall_64+0xcf/0x260 [ 113.710149][ T5109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.716090][ T5109] RIP: 0033:0x7f622934d459 [ 113.720527][ T5109] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 113.740158][ T5109] RSP: 002b:00007ffc7b5a9ab8 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 113.748598][ T5109] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f622934d459 [pid 5107] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5111] <... mount resumed>) = 0 [pid 5110] exit_group(0 [pid 5109] <... ftruncate resumed>) = 0 [pid 5107] <... open resumed>) = 5 [pid 5091] <... umount2 resumed>) = 0 [pid 5111] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5110] <... exit_group resumed>) = ? [pid 5107] ftruncate(5, 0 [pid 5111] <... openat resumed>) = 3 [pid 5110] +++ exited with 0 +++ [pid 5109] exit_group(0 [pid 5107] <... ftruncate resumed>) = 0 [pid 5091] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5111] chdir("./bus" [ 113.756589][ T5109] RDX: 0000000000000057 RSI: 0000000000000000 RDI: 0000000000000005 [ 113.764573][ T5109] RBP: 0073756c70736668 R08: 00000000200003c0 R09: 00007ffc7b5a9af0 [ 113.772560][ T5109] R10: 0000000000000640 R11: 0000000000000246 R12: 00007ffc7b5a9adc [ 113.780757][ T5109] R13: 0000000000000001 R14: 431bde82d7b634db R15: 00007ffc7b5a9b10 [ 113.788764][ T5109] [pid 5107] exit_group(0 [pid 5111] <... chdir resumed>) = 0 [pid 5109] <... exit_group resumed>) = ? [pid 5107] <... exit_group resumed>) = ? [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5107] +++ exited with 0 +++ [pid 5111] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5109] +++ exited with 0 +++ [pid 5111] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5091] newfstatat(AT_FDCWD, "./1/bus", [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5091] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5095] <... restart_syscall resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] newfstatat(4, "", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5091] getdents64(4, [pid 5090] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] <... openat resumed>) = 3 [pid 5095] getdents64(3, [pid 5094] newfstatat(3, "", [pid 5091] getdents64(4, [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5111] <... symlink resumed>) = 0 [pid 5095] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] getdents64(3, [pid 5090] newfstatat(3, "", [pid 5111] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 4 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5111] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5094] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] getdents64(3, [pid 5111] memfd_create("syzkaller", 0 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 6 entries */, 32768) = 416 [pid 5111] <... memfd_create resumed>) = 5 [pid 5090] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] <... mmap resumed>) = 0x7f6220e00000 [pid 5090] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5111] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] unlink("./1/binderfs") = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] umount2("./1/file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] rmdir("./1/bus" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... rmdir resumed>) = 0 [pid 5090] newfstatat(AT_FDCWD, "./1/file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", [pid 5091] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=5, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] unlink("./1/file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5091] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5090] <... unlink resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./1/file2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] unlink("./1/binderfs" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = 0 [pid 5090] newfstatat(AT_FDCWD, "./1/file2", [pid 5094] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... unlink resumed>) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFREG|000, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] getdents64(3, [pid 5090] unlink("./1/file2" [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5091] close(3 [pid 5090] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [ 113.819123][ T28] audit: type=1800 audit(1713724084.148:11): pid=5107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop5" ino=20 res=0 errno=0 [pid 5091] rmdir("./1") = 0 [pid 5091] mkdir("./2", 0777 [pid 5094] newfstatat(AT_FDCWD, "./1/bus", [pid 5091] <... mkdir resumed>) = 0 [pid 5108] <... open resumed>) = 5 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5108] ftruncate(5, 0 [pid 5095] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5108] <... ftruncate resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... openat resumed>) = 4 [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] newfstatat(AT_FDCWD, "./1/bus", [pid 5094] newfstatat(4, "", [pid 5091] <... openat resumed>) = 3 [pid 5108] exit_group(0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5108] <... exit_group resumed>) = ? [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./1/bus" [pid 5111] <... write resumed>) = 524288 [pid 5108] +++ exited with 0 +++ [pid 5095] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... rmdir resumed>) = 0 [pid 5090] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5092] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... ioctl resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5111] munmap(0x7f6220e00000, 138412032 [pid 5090] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5111] <... munmap resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5090] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] close(3 [pid 5090] getdents64(4, [pid 5091] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5090] close(4 [pid 5111] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5111] close(5 [pid 5090] <... close resumed>) = 0 [pid 5111] <... close resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] rmdir("./1/file1" [pid 5095] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... openat resumed>) = 4 [pid 5094] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5095] newfstatat(4, "", [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] unlink("./1/binderfs" [pid 5095] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5094] <... unlink resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5095] getdents64(4, [pid 5094] getdents64(3, [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5113 [pid 5094] close(3 [pid 5095] close(4 [pid 5094] <... close resumed>) = 0 ./strace-static-x86_64: Process 5113 attached [pid 5090] getdents64(3, [pid 5113] set_robust_list(0x5555645e8660, 24) = 0 [pid 5113] chdir("./2" [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5113] <... chdir resumed>) = 0 [pid 5090] close(3 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] <... close resumed>) = 0 [pid 5113] <... prctl resumed>) = 0 [pid 5113] setpgid(0, 0 [pid 5090] rmdir("./1" [pid 5113] <... setpgid resumed>) = 0 [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5113] write(3, "1000", 4) = 4 [pid 5113] close(3) = 0 [pid 5113] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] rmdir("./1" [pid 5113] memfd_create("syzkaller", 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5113] <... memfd_create resumed>) = 3 [pid 5111] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] rmdir("./1/bus" [pid 5094] <... rmdir resumed>) = 0 [pid 5090] mkdir("./2", 0777 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] mkdir("./2", 0777 [pid 5092] <... umount2 resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5111] <... open resumed>) = 5 [pid 5095] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... mkdir resumed>) = 0 [pid 5092] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5113] <... mmap resumed>) = 0x7f6220e00000 [pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5111] ftruncate(5, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5092] newfstatat(AT_FDCWD, "./1/bus", [pid 5094] <... openat resumed>) = 3 [pid 5095] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5111] <... ftruncate resumed>) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5111] exit_group(0) = ? [pid 5095] unlink("./1/binderfs" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] +++ exited with 0 +++ [pid 5092] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5089] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5092] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] getdents64(4, [pid 5089] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... unlink resumed>) = 0 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] getdents64(3, [pid 5092] getdents64(4, [pid 5089] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] close(3 [pid 5092] close(4 [pid 5095] <... close resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5095] rmdir("./1" [pid 5092] rmdir("./1/bus" [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] <... rmdir resumed>) = 0 [pid 5089] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] unlink("./1/binderfs") = 0 [pid 5092] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./1") = 0 [pid 5092] mkdir("./2", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5113] <... write resumed>) = 524288 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5089] <... umount2 resumed>) = 0 [pid 5113] munmap(0x7f6220e00000, 138412032 [pid 5095] mkdir("./2", 0777 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5113] <... munmap resumed>) = 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5089] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5113] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5089] newfstatat(AT_FDCWD, "./1/bus", [pid 5113] <... openat resumed>) = 4 [pid 5113] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... openat resumed>) = 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5089] umount2("./1/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./1/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5113] <... ioctl resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5113] close(3 [pid 5094] close(3 [pid 5113] <... close resumed>) = 0 [pid 5090] close(3 [pid 5113] close(4 [pid 5094] <... close resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5113] <... close resumed>) = 0 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [ 114.014537][ T5113] loop2: detected capacity change from 0 to 1024 [pid 5089] rmdir("./1/bus") = 0 [pid 5113] mkdir("./bus", 0777 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] close(3 [pid 5090] <... close resumed>) = 0 ./strace-static-x86_64: Process 5114 attached [pid 5113] <... mkdir resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5114 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5115 [pid 5089] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5114] set_robust_list(0x5555645e8660, 24 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5113] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./1/binderfs") = 0 ./strace-static-x86_64: Process 5115 attached [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5116 [pid 5089] getdents64(3, ./strace-static-x86_64: Process 5116 attached [pid 5115] set_robust_list(0x5555645e8660, 24 [pid 5114] <... set_robust_list resumed>) = 0 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5116] set_robust_list(0x5555645e8660, 24 [pid 5115] <... set_robust_list resumed>) = 0 [pid 5116] <... set_robust_list resumed>) = 0 [pid 5115] chdir("./2" [pid 5114] chdir("./2" [pid 5089] close(3 [pid 5115] <... chdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5116] chdir("./2" [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] rmdir("./1" [pid 5116] <... chdir resumed>) = 0 [pid 5115] <... prctl resumed>) = 0 [pid 5114] <... chdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5115] setpgid(0, 0 [pid 5095] <... ioctl resumed>) = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5115] <... setpgid resumed>) = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] mkdir("./2", 0777 [pid 5116] <... prctl resumed>) = 0 [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5114] <... prctl resumed>) = 0 [pid 5116] setpgid(0, 0 [pid 5114] setpgid(0, 0 [pid 5116] <... setpgid resumed>) = 0 [pid 5114] <... setpgid resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5113] <... mount resumed>) = 0 [pid 5095] close(3 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5115] <... openat resumed>) = 3 [pid 5116] <... openat resumed>) = 3 [pid 5114] <... openat resumed>) = 3 [pid 5095] <... close resumed>) = 0 [pid 5113] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5113] <... openat resumed>) = 3 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... openat resumed>) = 3 [pid 5116] write(3, "1000", 4 [pid 5114] write(3, "1000", 4 [pid 5113] chdir("./bus" [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5116] <... write resumed>) = 4 [pid 5114] <... write resumed>) = 4 [pid 5116] close(3 [pid 5114] close(3 [pid 5113] <... chdir resumed>) = 0 [pid 5116] <... close resumed>) = 0 [pid 5116] symlink("/dev/binderfs", "./binderfs" [pid 5113] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5114] <... close resumed>) = 0 [pid 5116] <... symlink resumed>) = 0 [pid 5115] write(3, "1000", 4 [pid 5114] symlink("/dev/binderfs", "./binderfs" [pid 5113] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5115] <... write resumed>) = 4 [pid 5115] close(3) = 0 [pid 5115] symlink("/dev/binderfs", "./binderfs" [pid 5114] <... symlink resumed>) = 0 [pid 5116] memfd_create("syzkaller", 0 [pid 5115] <... symlink resumed>) = 0 [pid 5113] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5114] memfd_create("syzkaller", 0 [pid 5116] <... memfd_create resumed>) = 3 [pid 5114] <... memfd_create resumed>) = 3 [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5116] <... mmap resumed>) = 0x7f6220e00000 [pid 5115] memfd_create("syzkaller", 0 [pid 5114] <... mmap resumed>) = 0x7f6220e00000 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5117 ./strace-static-x86_64: Process 5117 attached [pid 5115] <... memfd_create resumed>) = 3 [pid 5117] set_robust_list(0x5555645e8660, 24 [pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5117] <... set_robust_list resumed>) = 0 [pid 5117] chdir("./2") = 0 [pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5114] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5113] <... symlink resumed>) = 0 [pid 5117] setpgid(0, 0) = 0 [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5113] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5117] <... openat resumed>) = 3 [pid 5089] <... ioctl resumed>) = 0 [pid 5117] write(3, "1000", 4 [pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5117] <... write resumed>) = 4 [pid 5117] close(3) = 0 [pid 5117] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5117] memfd_create("syzkaller", 0 [pid 5113] <... creat resumed>) = 4 [pid 5113] rename("./bus", "./file2" [pid 5117] <... memfd_create resumed>) = 3 [pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5113] <... rename resumed>) = -1 EEXIST (File exists) [pid 5117] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5114] <... write resumed>) = 524288 [pid 5113] memfd_create("syzkaller", 0) = 5 [pid 5116] <... write resumed>) = 524288 [pid 5114] munmap(0x7f6220e00000, 138412032 [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5116] munmap(0x7f6220e00000, 138412032 [pid 5115] <... write resumed>) = 524288 [pid 5114] <... munmap resumed>) = 0 [pid 5089] close(3 [pid 5113] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5116] <... munmap resumed>) = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5116] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5117] <... write resumed>) = 524288 [pid 5116] <... openat resumed>) = 4 [pid 5114] ioctl(4, LOOP_SET_FD, 3 [pid 5115] munmap(0x7f6220e00000, 138412032) = 0 [pid 5116] ioctl(4, LOOP_SET_FD, 3 [pid 5113] <... write resumed>) = 524288 [pid 5115] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5115] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5118 [pid 5117] munmap(0x7f6220e00000, 138412032) = 0 [pid 5113] munmap(0x7f6220e00000, 138412032 [pid 5117] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5117] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5118 attached [pid 5116] <... ioctl resumed>) = 0 [pid 5113] <... munmap resumed>) = 0 [pid 5118] set_robust_list(0x5555645e8660, 24 [pid 5116] close(3 [pid 5114] <... ioctl resumed>) = 0 [pid 5113] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5118] <... set_robust_list resumed>) = 0 [pid 5116] <... close resumed>) = 0 [pid 5114] close(3 [pid 5113] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5118] chdir("./2" [pid 5116] close(4 [pid 5114] <... close resumed>) = 0 [pid 5113] close(5 [pid 5116] <... close resumed>) = 0 [pid 5115] <... ioctl resumed>) = 0 [pid 5115] close(3) = 0 [pid 5115] close(4) = 0 [pid 5115] mkdir("./bus", 0777) = 0 [pid 5113] <... close resumed>) = 0 [pid 5115] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5116] mkdir("./bus", 0777 [pid 5114] close(4 [pid 5116] <... mkdir resumed>) = 0 [pid 5114] <... close resumed>) = 0 [pid 5114] mkdir("./bus", 0777 [pid 5117] <... ioctl resumed>) = 0 [pid 5118] <... chdir resumed>) = 0 [pid 5116] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5114] <... mkdir resumed>) = 0 [pid 5117] close(3 [pid 5114] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5117] <... close resumed>) = 0 [pid 5117] close(4 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5117] <... close resumed>) = 0 [pid 5113] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5117] mkdir("./bus", 0777 [pid 5118] <... prctl resumed>) = 0 [pid 5118] setpgid(0, 0 [pid 5117] <... mkdir resumed>) = 0 [pid 5118] <... setpgid resumed>) = 0 [ 114.195224][ T5114] loop4: detected capacity change from 0 to 1024 [ 114.206976][ T5115] loop1: detected capacity change from 0 to 1024 [ 114.216797][ T5116] loop3: detected capacity change from 0 to 1024 [ 114.223386][ T5117] loop5: detected capacity change from 0 to 1024 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5114] <... mount resumed>) = 0 [pid 5114] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5118] <... openat resumed>) = 3 [pid 5117] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5114] <... openat resumed>) = 3 [pid 5114] chdir("./bus") = 0 [pid 5116] <... mount resumed>) = 0 [pid 5118] write(3, "1000", 4 [pid 5115] <... mount resumed>) = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5118] <... write resumed>) = 4 [pid 5116] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5115] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5114] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5113] <... open resumed>) = 5 [pid 5118] close(3 [pid 5116] <... openat resumed>) = 3 [pid 5115] <... openat resumed>) = 3 [pid 5114] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5113] ftruncate(5, 0 [pid 5118] <... close resumed>) = 0 [pid 5116] chdir("./bus" [pid 5115] chdir("./bus" [pid 5118] symlink("/dev/binderfs", "./binderfs" [pid 5116] <... chdir resumed>) = 0 [pid 5115] <... chdir resumed>) = 0 [pid 5113] <... ftruncate resumed>) = 0 [pid 5114] <... symlink resumed>) = 0 [pid 5116] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5118] <... symlink resumed>) = 0 [pid 5115] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5116] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5115] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5118] memfd_create("syzkaller", 0 [pid 5117] <... mount resumed>) = 0 [pid 5116] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5115] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5114] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5113] exit_group(0 [pid 5118] <... memfd_create resumed>) = 3 [pid 5117] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5116] <... symlink resumed>) = 0 [pid 5113] <... exit_group resumed>) = ? [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5117] <... openat resumed>) = 3 [pid 5116] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5113] +++ exited with 0 +++ [pid 5118] <... mmap resumed>) = 0x7f6220e00000 [pid 5117] chdir("./bus" [pid 5116] <... creat resumed>) = 4 [pid 5115] <... symlink resumed>) = 0 [pid 5114] <... creat resumed>) = 4 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5117] <... chdir resumed>) = 0 [pid 5116] rename("./bus", "./file2" [pid 5115] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5117] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5114] rename("./bus", "./file2" [pid 5117] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5114] <... rename resumed>) = -1 EEXIST (File exists) [pid 5117] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5091] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5116] <... rename resumed>) = -1 EEXIST (File exists) [pid 5114] memfd_create("syzkaller", 0 [pid 5091] <... openat resumed>) = 3 [pid 5116] memfd_create("syzkaller", 0 [pid 5114] <... memfd_create resumed>) = 5 [pid 5091] newfstatat(3, "", [pid 5116] <... memfd_create resumed>) = 5 [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5114] <... mmap resumed>) = 0x7f6220e00000 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5117] <... symlink resumed>) = 0 [pid 5116] <... mmap resumed>) = 0x7f6220e00000 [pid 5115] <... creat resumed>) = 4 [pid 5114] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5117] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5116] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5091] getdents64(3, [pid 5118] <... write resumed>) = 524288 [pid 5117] <... creat resumed>) = 4 [pid 5115] rename("./bus", "./file2" [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5117] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5115] <... rename resumed>) = -1 EEXIST (File exists) [pid 5091] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5117] memfd_create("syzkaller", 0 [pid 5115] memfd_create("syzkaller", 0 [pid 5117] <... memfd_create resumed>) = 5 [pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5116] <... write resumed>) = 524288 [pid 5115] <... memfd_create resumed>) = 5 [pid 5117] <... mmap resumed>) = 0x7f6220e00000 [pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5114] <... write resumed>) = 524288 [pid 5116] munmap(0x7f6220e00000, 138412032 [pid 5118] munmap(0x7f6220e00000, 138412032) = 0 [pid 5116] <... munmap resumed>) = 0 [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5116] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5118] ioctl(4, LOOP_SET_FD, 3 [pid 5117] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5115] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5116] close(5 [pid 5114] munmap(0x7f6220e00000, 138412032 [pid 5091] <... umount2 resumed>) = 0 [pid 5114] <... munmap resumed>) = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5117] <... write resumed>) = 524288 [pid 5115] <... write resumed>) = 524288 [pid 5118] <... ioctl resumed>) = 0 [pid 5114] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5114] close(5 [pid 5118] close(3 [pid 5117] munmap(0x7f6220e00000, 138412032 [pid 5116] <... close resumed>) = 0 [pid 5115] munmap(0x7f6220e00000, 138412032 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5118] <... close resumed>) = 0 [pid 5091] newfstatat(AT_FDCWD, "./2/bus", [pid 5118] close(4) = 0 [pid 5117] <... munmap resumed>) = 0 [pid 5116] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5115] <... munmap resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5118] mkdir("./bus", 0777) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5115] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5114] <... close resumed>) = 0 [pid 5091] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5117] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 114.364587][ T5118] loop0: detected capacity change from 0 to 1024 [pid 5114] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5118] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5117] close(5 [pid 5116] <... open resumed>) = 5 [pid 5115] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5117] <... close resumed>) = 0 [pid 5116] ftruncate(5, 0 [pid 5115] close(5 [pid 5091] newfstatat(4, "", [pid 5114] <... open resumed>) = 5 [pid 5117] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5116] <... ftruncate resumed>) = 0 [pid 5115] <... close resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5116] exit_group(0 [pid 5091] getdents64(4, [pid 5116] <... exit_group resumed>) = ? [pid 5114] ftruncate(5, 0) = 0 [pid 5114] exit_group(0) = ? [pid 5116] +++ exited with 0 +++ [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5118] <... mount resumed>) = 0 [pid 5117] <... open resumed>) = 5 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5091] getdents64(4, [pid 5115] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5118] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5117] ftruncate(5, 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5118] <... openat resumed>) = 3 [pid 5091] close(4 [pid 5118] chdir("./bus" [pid 5117] <... ftruncate resumed>) = 0 [pid 5092] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... close resumed>) = 0 [pid 5118] <... chdir resumed>) = 0 [pid 5117] exit_group(0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5117] <... exit_group resumed>) = ? [pid 5092] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] rmdir("./2/bus") = 0 [pid 5114] +++ exited with 0 +++ [pid 5117] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5118] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5092] <... openat resumed>) = 3 [pid 5091] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5118] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5094] <... restart_syscall resumed>) = 0 [pid 5092] newfstatat(3, "", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5092] getdents64(3, [pid 5094] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5094] newfstatat(3, "", [pid 5118] <... symlink resumed>) = 0 [pid 5115] <... open resumed>) = 5 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] unlink("./2/binderfs" [pid 5118] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5115] ftruncate(5, 0 [pid 5095] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... unlink resumed>) = 0 [pid 5115] <... ftruncate resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = 0 [pid 5115] exit_group(0 [pid 5094] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5115] <... exit_group resumed>) = ? [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5115] +++ exited with 0 +++ [pid 5095] newfstatat(3, "", [pid 5091] getdents64(3, [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] getdents64(3, [pid 5091] close(3 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] newfstatat(AT_FDCWD, "./2/bus", [pid 5091] <... close resumed>) = 0 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5091] rmdir("./2" [pid 5090] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5091] mkdir("./3", 0777 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] <... umount2 resumed>) = 0 [pid 5094] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5118] <... creat resumed>) = 4 [pid 5095] <... umount2 resumed>) = 0 [pid 5092] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... mkdir resumed>) = 0 [pid 5094] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5118] rename("./bus", "./file2" [pid 5094] close(4) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5118] <... rename resumed>) = -1 EEXIST (File exists) [pid 5095] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] rmdir("./2/bus" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5118] memfd_create("syzkaller", 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] newfstatat(AT_FDCWD, "./2/bus", [pid 5090] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5118] <... memfd_create resumed>) = 5 [pid 5095] newfstatat(AT_FDCWD, "./2/bus", [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] newfstatat(AT_FDCWD, "./2/bus", [pid 5095] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 4 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] newfstatat(4, "", [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... openat resumed>) = 4 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] newfstatat(4, "", [pid 5092] getdents64(4, [pid 5090] <... openat resumed>) = 4 [pid 5118] <... mmap resumed>) = 0x7f6220e00000 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5118] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5094] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] newfstatat(4, "", [pid 5095] getdents64(4, [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] getdents64(4, [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] getdents64(4, [pid 5092] close(4 [pid 5090] getdents64(4, [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] unlink("./2/binderfs" [pid 5092] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5095] close(4 [pid 5094] <... unlink resumed>) = 0 [pid 5092] rmdir("./2/bus" [pid 5095] <... close resumed>) = 0 [pid 5090] getdents64(4, [pid 5095] rmdir("./2/bus" [pid 5092] <... rmdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] getdents64(3, [pid 5090] close(4) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] rmdir("./2/bus" [pid 5094] close(3 [pid 5092] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... rmdir resumed>) = 0 [pid 5118] <... write resumed>) = 524288 [pid 5094] <... close resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5118] munmap(0x7f6220e00000, 138412032 [pid 5095] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] rmdir("./2" [pid 5092] unlink("./2/binderfs" [pid 5118] <... munmap resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... unlink resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5094] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5091] <... ioctl resumed>) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5118] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] unlink("./2/binderfs" [pid 5095] unlink("./2/binderfs") = 0 [pid 5092] close(3 [pid 5090] <... unlink resumed>) = 0 [pid 5118] close(5) = 0 [pid 5095] getdents64(3, [pid 5092] <... close resumed>) = 0 [pid 5090] getdents64(3, [pid 5094] mkdir("./3", 0777 [pid 5091] close(3) = 0 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] close(3) = 0 [pid 5090] rmdir("./2") = 0 [pid 5090] mkdir("./3", 0777./strace-static-x86_64: Process 5119 attached ) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5119 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5119] set_robust_list(0x5555645e8660, 24) = 0 [pid 5095] close(3) = 0 [pid 5119] chdir("./3" [pid 5092] rmdir("./2" [pid 5119] <... chdir resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5095] rmdir("./2" [pid 5119] setpgid(0, 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5119] <... setpgid resumed>) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] <... mkdir resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5092] mkdir("./3", 0777 [pid 5119] <... openat resumed>) = 3 [pid 5092] <... mkdir resumed>) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5119] write(3, "1000", 4) = 4 [pid 5095] mkdir("./3", 0777 [pid 5118] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] <... mkdir resumed>) = 0 [pid 5119] close(3 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5119] <... close resumed>) = 0 [pid 5119] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5094] <... openat resumed>) = 3 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] <... openat resumed>) = 3 [pid 5119] memfd_create("syzkaller", 0 [pid 5095] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5119] <... memfd_create resumed>) = 3 [pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5118] <... open resumed>) = 5 [pid 5118] ftruncate(5, 0 [pid 5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5118] <... ftruncate resumed>) = 0 [pid 5119] <... write resumed>) = 524288 [pid 5118] exit_group(0 [pid 5119] munmap(0x7f6220e00000, 138412032 [pid 5118] <... exit_group resumed>) = ? [pid 5119] <... munmap resumed>) = 0 [pid 5119] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5118] +++ exited with 0 +++ [pid 5119] ioctl(4, LOOP_SET_FD, 3 [pid 5090] <... ioctl resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... ioctl resumed>) = 0 [pid 5119] <... ioctl resumed>) = 0 [pid 5094] close(3 [pid 5092] <... ioctl resumed>) = 0 [pid 5119] close(3 [pid 5095] close(3 [pid 5094] <... close resumed>) = 0 ./strace-static-x86_64: Process 5120 attached [pid 5119] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5120] set_robust_list(0x5555645e8660, 24) = 0 [pid 5120] chdir("./3" [pid 5119] close(4 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5121 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5120 [pid 5089] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5120] <... chdir resumed>) = 0 [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 5120] <... prctl resumed>) = 0 [pid 5119] <... close resumed>) = 0 ./strace-static-x86_64: Process 5121 attached [pid 5120] setpgid(0, 0 [pid 5119] mkdir("./bus", 0777 [pid 5092] close(3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5120] <... setpgid resumed>) = 0 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5119] <... mkdir resumed>) = 0 [pid 5121] set_robust_list(0x5555645e8660, 24 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5122 [pid 5092] <... close resumed>) = 0 [pid 5089] getdents64(3, [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5120] <... openat resumed>) = 3 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5120] write(3, "1000", 4) = 4 [pid 5120] close(3) = 0 [pid 5120] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5089] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5122 attached [pid 5121] <... set_robust_list resumed>) = 0 [pid 5122] set_robust_list(0x5555645e8660, 24 [pid 5121] chdir("./3" [pid 5120] memfd_create("syzkaller", 0 [pid 5089] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5123 attached [pid 5119] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5123 [pid 5089] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5123] set_robust_list(0x5555645e8660, 24 [pid 5122] <... set_robust_list resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5122] chdir("./3" [pid 5121] <... chdir resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./2/bus", [pid 5122] <... chdir resumed>) = 0 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5120] <... memfd_create resumed>) = 3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 114.673743][ T5119] loop2: detected capacity change from 0 to 1024 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] umount2("./2/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5121] <... prctl resumed>) = 0 [pid 5123] <... set_robust_list resumed>) = 0 [pid 5122] <... prctl resumed>) = 0 [pid 5121] setpgid(0, 0 [pid 5120] <... mmap resumed>) = 0x7f6220e00000 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5121] <... setpgid resumed>) = 0 [pid 5123] chdir("./3" [pid 5122] setpgid(0, 0) = 0 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] openat(AT_FDCWD, "./2/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5122] <... openat resumed>) = 3 [pid 5089] <... openat resumed>) = 4 [pid 5123] <... chdir resumed>) = 0 [pid 5121] <... openat resumed>) = 3 [pid 5089] newfstatat(4, "", [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5121] write(3, "1000", 4 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5123] setpgid(0, 0 [pid 5121] <... write resumed>) = 4 [pid 5123] <... setpgid resumed>) = 0 [pid 5089] getdents64(4, [pid 5122] write(3, "1000", 4 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5121] close(3 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5121] <... close resumed>) = 0 [pid 5121] symlink("/dev/binderfs", "./binderfs" [pid 5089] getdents64(4, [pid 5123] <... openat resumed>) = 3 [pid 5122] <... write resumed>) = 4 [pid 5121] <... symlink resumed>) = 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5122] close(3 [pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5123] write(3, "1000", 4 [pid 5122] <... close resumed>) = 0 [pid 5121] memfd_create("syzkaller", 0 [pid 5120] <... write resumed>) = 524288 [pid 5119] <... mount resumed>) = 0 [pid 5089] close(4 [pid 5123] <... write resumed>) = 4 [pid 5119] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5123] close(3 [pid 5089] <... close resumed>) = 0 [pid 5123] <... close resumed>) = 0 [pid 5122] symlink("/dev/binderfs", "./binderfs" [pid 5121] <... memfd_create resumed>) = 3 [pid 5119] <... openat resumed>) = 3 [pid 5089] rmdir("./2/bus" [pid 5123] symlink("/dev/binderfs", "./binderfs" [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5123] <... symlink resumed>) = 0 [pid 5122] <... symlink resumed>) = 0 [pid 5121] <... mmap resumed>) = 0x7f6220e00000 [pid 5119] chdir("./bus" [pid 5089] <... rmdir resumed>) = 0 [pid 5119] <... chdir resumed>) = 0 [pid 5089] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5119] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5119] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5089] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5122] memfd_create("syzkaller", 0) = 3 [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5123] memfd_create("syzkaller", 0 [pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5119] <... symlink resumed>) = 0 [pid 5089] unlink("./2/binderfs") = 0 [pid 5089] getdents64(3, [pid 5123] <... memfd_create resumed>) = 3 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./2" [pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5120] munmap(0x7f6220e00000, 138412032 [pid 5089] <... rmdir resumed>) = 0 [pid 5120] <... munmap resumed>) = 0 [pid 5120] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5120] ioctl(4, LOOP_SET_FD, 3 [pid 5121] <... write resumed>) = 524288 [pid 5119] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5123] <... mmap resumed>) = 0x7f6220e00000 [pid 5089] mkdir("./3", 0777 [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5122] <... write resumed>) = 524288 [pid 5089] <... mkdir resumed>) = 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5120] close(3) = 0 [pid 5120] close(4) = 0 [pid 5120] mkdir("./bus", 0777 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5121] munmap(0x7f6220e00000, 138412032 [pid 5120] <... mkdir resumed>) = 0 [pid 5119] <... creat resumed>) = 4 [pid 5089] <... openat resumed>) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5120] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5121] <... munmap resumed>) = 0 [pid 5119] rename("./bus", "./file2" [pid 5123] <... write resumed>) = 524288 [pid 5121] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5123] munmap(0x7f6220e00000, 138412032 [pid 5121] <... openat resumed>) = 4 [ 114.799313][ T5120] loop1: detected capacity change from 0 to 1024 [pid 5123] <... munmap resumed>) = 0 [pid 5121] ioctl(4, LOOP_SET_FD, 3 [pid 5119] <... rename resumed>) = -1 EEXIST (File exists) [pid 5119] memfd_create("syzkaller", 0) = 5 [pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5122] munmap(0x7f6220e00000, 138412032 [pid 5119] <... mmap resumed>) = 0x7f6220e00000 [pid 5122] <... munmap resumed>) = 0 [pid 5120] <... mount resumed>) = 0 [pid 5120] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5123] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5122] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5120] chdir("./bus" [pid 5122] <... openat resumed>) = 4 [pid 5120] <... chdir resumed>) = 0 [pid 5122] ioctl(4, LOOP_SET_FD, 3 [pid 5120] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5121] <... ioctl resumed>) = 0 [pid 5120] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5119] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5089] <... ioctl resumed>) = 0 [pid 5120] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0 [pid 5119] <... write resumed>) = 524288 [pid 5121] close(3 [pid 5120] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5123] <... ioctl resumed>) = 0 [pid 5122] <... ioctl resumed>) = 0 [pid 5121] <... close resumed>) = 0 [pid 5119] munmap(0x7f6220e00000, 138412032 [pid 5089] close(3 [pid 5121] close(4 [pid 5089] <... close resumed>) = 0 [pid 5121] <... close resumed>) = 0 [pid 5121] mkdir("./bus", 0777 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5121] <... mkdir resumed>) = 0 [pid 5119] <... munmap resumed>) = 0 [pid 5123] close(3 [pid 5122] close(3 [pid 5121] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5119] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5124 [pid 5123] <... close resumed>) = 0 [pid 5122] <... close resumed>) = 0 [pid 5123] close(4 [pid 5122] close(4 [pid 5123] <... close resumed>) = 0 [pid 5122] <... close resumed>) = 0 [pid 5119] <... openat resumed>) = -1 EBUSY (Device or resource busy) ./strace-static-x86_64: Process 5124 attached [pid 5123] mkdir("./bus", 0777 [pid 5122] mkdir("./bus", 0777 [pid 5119] close(5 [pid 5124] set_robust_list(0x5555645e8660, 24 [pid 5121] <... mount resumed>) = 0 [pid 5120] <... creat resumed>) = 4 [ 114.843751][ T5121] loop4: detected capacity change from 0 to 1024 [ 114.870123][ T5122] loop5: detected capacity change from 0 to 1024 [ 114.884664][ T5123] loop3: detected capacity change from 0 to 1024 [pid 5124] <... set_robust_list resumed>) = 0 [pid 5120] rename("./bus", "./file2" [pid 5124] chdir("./3" [pid 5123] <... mkdir resumed>) = 0 [pid 5122] <... mkdir resumed>) = 0 [pid 5121] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5123] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5122] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5124] <... chdir resumed>) = 0 [pid 5121] <... openat resumed>) = 3 [pid 5120] <... rename resumed>) = -1 EEXIST (File exists) [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5121] chdir("./bus" [pid 5119] <... close resumed>) = 0 [pid 5124] <... prctl resumed>) = 0 [pid 5122] <... mount resumed>) = 0 [pid 5121] <... chdir resumed>) = 0 [pid 5120] memfd_create("syzkaller", 0 [pid 5119] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5124] setpgid(0, 0 [pid 5123] <... mount resumed>) = 0 [pid 5120] <... memfd_create resumed>) = 5 [pid 5124] <... setpgid resumed>) = 0 [pid 5123] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5123] <... openat resumed>) = 3 [pid 5122] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5120] <... mmap resumed>) = 0x7f6220e00000 [pid 5124] <... openat resumed>) = 3 [pid 5123] chdir("./bus" [pid 5122] <... openat resumed>) = 3 [pid 5121] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5124] write(3, "1000", 4 [pid 5123] <... chdir resumed>) = 0 [pid 5122] chdir("./bus" [pid 5120] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5119] <... open resumed>) = 5 [pid 5121] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5121] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5122] <... chdir resumed>) = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5124] <... write resumed>) = 4 [pid 5122] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5121] <... symlink resumed>) = 0 [pid 5121] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5124] close(3 [pid 5123] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5122] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5119] ftruncate(5, 0 [pid 5121] <... creat resumed>) = 4 [pid 5124] <... close resumed>) = 0 [pid 5123] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5122] <... symlink resumed>) = 0 [pid 5120] <... write resumed>) = 524288 [pid 5119] <... ftruncate resumed>) = 0 [pid 5121] rename("./bus", "./file2" [pid 5124] symlink("/dev/binderfs", "./binderfs" [pid 5123] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5122] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5120] munmap(0x7f6220e00000, 138412032 [pid 5124] <... symlink resumed>) = 0 [pid 5123] <... symlink resumed>) = 0 [pid 5121] <... rename resumed>) = -1 EEXIST (File exists) [pid 5120] <... munmap resumed>) = 0 [pid 5119] exit_group(0 [pid 5124] memfd_create("syzkaller", 0 [pid 5123] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5124] <... memfd_create resumed>) = 3 [pid 5121] memfd_create("syzkaller", 0 [pid 5119] <... exit_group resumed>) = ? [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5121] <... memfd_create resumed>) = 5 [pid 5122] <... creat resumed>) = 4 [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5120] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5122] rename("./bus", "./file2" [pid 5120] close(5 [pid 5121] <... mmap resumed>) = 0x7f6220e00000 [pid 5119] +++ exited with 0 +++ [pid 5121] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5091] restart_syscall(<... resuming interrupted clone ...> [pid 5123] <... creat resumed>) = 4 [pid 5123] rename("./bus", "./file2" [pid 5122] <... rename resumed>) = -1 EEXIST (File exists) [pid 5091] <... restart_syscall resumed>) = 0 [pid 5124] <... write resumed>) = 524288 [pid 5122] memfd_create("syzkaller", 0) = 5 [pid 5091] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5123] <... rename resumed>) = -1 EEXIST (File exists) [pid 5122] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5123] memfd_create("syzkaller", 0) = 5 [pid 5091] <... openat resumed>) = 3 [pid 5091] newfstatat(3, "", [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5120] <... close resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5123] <... mmap resumed>) = 0x7f6220e00000 [pid 5124] munmap(0x7f6220e00000, 138412032) = 0 [pid 5120] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5091] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5091] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5120] <... open resumed>) = 5 [pid 5124] <... openat resumed>) = 4 [pid 5123] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5121] <... write resumed>) = 524288 [pid 5124] ioctl(4, LOOP_SET_FD, 3 [pid 5123] <... write resumed>) = 524288 [pid 5121] munmap(0x7f6220e00000, 138412032 [pid 5120] ftruncate(5, 0) = 0 [pid 5121] <... munmap resumed>) = 0 [pid 5120] exit_group(0) = ? [pid 5120] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5090] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5122] <... write resumed>) = 524288 [pid 5090] <... openat resumed>) = 3 [pid 5090] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5121] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5122] munmap(0x7f6220e00000, 138412032) = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5122] close(5 [pid 5123] munmap(0x7f6220e00000, 138412032 [pid 5121] close(5 [pid 5123] <... munmap resumed>) = 0 [pid 5124] <... ioctl resumed>) = 0 [pid 5124] close(3) = 0 [pid 5124] close(4) = 0 [pid 5124] mkdir("./bus", 0777 [pid 5123] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5124] <... mkdir resumed>) = 0 [pid 5123] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5123] close(5 [pid 5122] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5121] <... close resumed>) = 0 [ 115.085955][ T5124] loop0: detected capacity change from 0 to 1024 [pid 5124] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5091] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] newfstatat(AT_FDCWD, "./3/bus", [pid 5123] <... close resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5121] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5122] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5091] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5091] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5123] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5090] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./3/bus", [pid 5091] getdents64(4, [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] close(4 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5122] <... open resumed>) = 5 [pid 5121] <... open resumed>) = 5 [pid 5091] getdents64(4, [pid 5090] <... close resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5121] ftruncate(5, 0 [pid 5124] <... mount resumed>) = 0 [pid 5121] <... ftruncate resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] rmdir("./3/bus" [pid 5124] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5123] <... open resumed>) = 5 [pid 5122] ftruncate(5, 0 [pid 5121] exit_group(0 [pid 5091] rmdir("./3/bus" [pid 5090] <... rmdir resumed>) = 0 [pid 5124] <... openat resumed>) = 3 [pid 5121] <... exit_group resumed>) = ? [pid 5090] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5124] chdir("./bus" [pid 5123] ftruncate(5, 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] <... chdir resumed>) = 0 [pid 5091] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5123] <... ftruncate resumed>) = 0 [pid 5091] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5090] unlink("./3/binderfs" [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5091] unlink("./3/binderfs" [pid 5090] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5124] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5123] exit_group(0 [pid 5122] <... ftruncate resumed>) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5090] close(3 [pid 5091] getdents64(3, [pid 5090] <... close resumed>) = 0 [pid 5123] <... exit_group resumed>) = ? [pid 5124] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] rmdir("./3" [pid 5121] +++ exited with 0 +++ [pid 5091] close(3 [pid 5090] <... rmdir resumed>) = 0 [pid 5124] <... symlink resumed>) = 0 [pid 5122] exit_group(0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5091] <... close resumed>) = 0 [pid 5090] mkdir("./4", 0777 [pid 5122] <... exit_group resumed>) = ? [pid 5091] rmdir("./3" [pid 5090] <... mkdir resumed>) = 0 [pid 5124] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5094] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] mkdir("./4", 0777 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5094] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5123] +++ exited with 0 +++ [pid 5094] <... openat resumed>) = 3 [pid 5091] <... mkdir resumed>) = 0 [pid 5094] newfstatat(3, "", [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5124] <... creat resumed>) = 4 [pid 5122] +++ exited with 0 +++ [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5124] rename("./bus", "./file2" [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5094] getdents64(3, [pid 5091] <... openat resumed>) = 3 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5094] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] <... rename resumed>) = -1 EEXIST (File exists) [pid 5092] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5124] memfd_create("syzkaller", 0 [pid 5092] getdents64(3, [pid 5124] <... memfd_create resumed>) = 5 [pid 5095] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... umount2 resumed>) = 0 [pid 5092] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5124] <... mmap resumed>) = 0x7f6220e00000 [pid 5095] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5124] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] <... openat resumed>) = 3 [pid 5094] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] newfstatat(3, "", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] getdents64(3, [pid 5094] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = 0 [pid 5124] <... write resumed>) = 524288 [pid 5095] <... umount2 resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5124] munmap(0x7f6220e00000, 138412032 [pid 5095] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] newfstatat(4, "", [pid 5092] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5124] <... munmap resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./3/bus", [pid 5095] newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5124] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... openat resumed>) = 4 [pid 5094] getdents64(4, [pid 5092] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5124] close(5 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] <... openat resumed>) = 4 [pid 5094] getdents64(4, [pid 5095] newfstatat(4, "", [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] <... ioctl resumed>) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] newfstatat(4, "", [pid 5095] getdents64(4, [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] getdents64(4, [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5094] close(4 [pid 5095] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5095] close(4 [pid 5094] <... close resumed>) = 0 [pid 5090] close(3 [pid 5095] <... close resumed>) = 0 [pid 5094] rmdir("./3/bus" [pid 5090] <... close resumed>) = 0 [pid 5095] rmdir("./3/bus" [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5125 attached [pid 5095] <... rmdir resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5125] set_robust_list(0x5555645e8660, 24 [pid 5124] <... close resumed>) = 0 [pid 5094] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5091] close(3 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5125 [pid 5125] <... set_robust_list resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] chdir("./4" [pid 5094] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5091] <... close resumed>) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5125] <... chdir resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] unlink("./3/binderfs" [pid 5125] <... prctl resumed>) = 0 [pid 5095] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5125] setpgid(0, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... unlink resumed>) = 0 [pid 5092] close(4 [pid 5125] <... setpgid resumed>) = 0 [pid 5095] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5094] getdents64(3, [pid 5092] <... close resumed>) = 0 [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] rmdir("./3/bus" [pid 5125] <... openat resumed>) = 3 [pid 5095] unlink("./3/binderfs" [pid 5094] close(3 [pid 5092] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5126 attached [pid 5125] write(3, "1000", 4 [pid 5095] <... unlink resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5126] set_robust_list(0x5555645e8660, 24 [pid 5125] <... write resumed>) = 4 [pid 5095] getdents64(3, [pid 5094] rmdir("./3" [pid 5092] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5126 [pid 5126] <... set_robust_list resumed>) = 0 [pid 5125] close(3 [pid 5124] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5126] chdir("./4" [pid 5125] <... close resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5125] symlink("/dev/binderfs", "./binderfs" [pid 5094] mkdir("./4", 0777 [pid 5126] <... chdir resumed>) = 0 [pid 5125] <... symlink resumed>) = 0 [pid 5095] close(3 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5125] memfd_create("syzkaller", 0 [pid 5124] <... open resumed>) = 5 [pid 5095] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5126] <... prctl resumed>) = 0 [pid 5125] <... memfd_create resumed>) = 3 [pid 5124] ftruncate(5, 0 [pid 5095] rmdir("./3" [pid 5094] <... openat resumed>) = 3 [pid 5092] unlink("./3/binderfs" [pid 5126] setpgid(0, 0 [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5124] <... ftruncate resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] <... unlink resumed>) = 0 [pid 5126] <... setpgid resumed>) = 0 [pid 5125] <... mmap resumed>) = 0x7f6220e00000 [pid 5124] exit_group(0 [pid 5095] mkdir("./4", 0777 [pid 5092] getdents64(3, [pid 5124] <... exit_group resumed>) = ? [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5124] +++ exited with 0 +++ [pid 5095] <... mkdir resumed>) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./3" [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5126] <... openat resumed>) = 3 [pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] <... rmdir resumed>) = 0 [pid 5089] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5126] write(3, "1000", 4 [pid 5095] <... openat resumed>) = 3 [pid 5092] mkdir("./4", 0777 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5126] <... write resumed>) = 4 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] <... mkdir resumed>) = 0 [pid 5089] newfstatat(3, "", [pid 5126] close(3 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5126] <... close resumed>) = 0 [pid 5089] getdents64(3, [pid 5126] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5126] <... symlink resumed>) = 0 [pid 5125] <... write resumed>) = 524288 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... umount2 resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5089] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5126] memfd_create("syzkaller", 0 [pid 5125] munmap(0x7f6220e00000, 138412032 [pid 5094] <... ioctl resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./3/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./3/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5125] <... munmap resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./3/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5126] <... memfd_create resumed>) = 3 [pid 5125] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] close(3 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, [pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5126] <... mmap resumed>) = 0x7f6220e00000 [pid 5089] close(4 [pid 5126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./3/bus" [pid 5125] <... openat resumed>) = 4 [pid 5094] <... close resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5125] ioctl(4, LOOP_SET_FD, 3 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... rmdir resumed>) = 0 [pid 5089] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./3/binderfs") = 0 [pid 5125] <... ioctl resumed>) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5127 [pid 5126] <... write resumed>) = 524288 [pid 5125] close(3./strace-static-x86_64: Process 5127 attached [pid 5127] set_robust_list(0x5555645e8660, 24 [pid 5089] getdents64(3, [pid 5127] <... set_robust_list resumed>) = 0 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5127] chdir("./4" [pid 5089] close(3 [pid 5127] <... chdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] rmdir("./3" [pid 5127] <... prctl resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5127] setpgid(0, 0 [pid 5089] mkdir("./4", 0777 [pid 5127] <... setpgid resumed>) = 0 [pid 5125] <... close resumed>) = 0 [pid 5092] close(3 [pid 5089] <... mkdir resumed>) = 0 [pid 5125] close(4 [pid 5095] <... ioctl resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5125] <... close resumed>) = 0 [pid 5095] close(3 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5128 attached [pid 5127] <... openat resumed>) = 3 [pid 5125] mkdir("./bus", 0777 [pid 5095] <... close resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5128 [pid 5089] <... openat resumed>) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5127] write(3, "1000", 4) = 4 [pid 5127] close(3) = 0 [pid 5127] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5127] memfd_create("syzkaller", 0 [pid 5125] <... mkdir resumed>) = 0 [pid 5128] set_robust_list(0x5555645e8660, 24./strace-static-x86_64: Process 5129 attached [pid 5127] <... memfd_create resumed>) = 3 [pid 5126] munmap(0x7f6220e00000, 138412032 [pid 5125] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5129] set_robust_list(0x5555645e8660, 24 [pid 5128] <... set_robust_list resumed>) = 0 [pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5126] <... munmap resumed>) = 0 [ 115.407254][ T5125] loop1: detected capacity change from 0 to 1024 [pid 5129] <... set_robust_list resumed>) = 0 [pid 5127] <... mmap resumed>) = 0x7f6220e00000 [pid 5126] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5129] chdir("./4" [pid 5128] chdir("./4" [pid 5125] <... mount resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5129 [pid 5089] <... ioctl resumed>) = 0 [pid 5128] <... chdir resumed>) = 0 [pid 5125] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5129] <... chdir resumed>) = 0 [pid 5128] <... prctl resumed>) = 0 [pid 5126] <... openat resumed>) = 4 [pid 5125] <... openat resumed>) = 3 [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5128] setpgid(0, 0 [pid 5127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5126] ioctl(4, LOOP_SET_FD, 3 [pid 5125] chdir("./bus" [pid 5129] <... prctl resumed>) = 0 [pid 5128] <... setpgid resumed>) = 0 [pid 5125] <... chdir resumed>) = 0 [pid 5125] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5129] setpgid(0, 0 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5125] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5129] <... setpgid resumed>) = 0 [pid 5125] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5129] write(3, "1000", 4) = 4 [pid 5089] close(3 [pid 5129] close(3 [pid 5089] <... close resumed>) = 0 [pid 5129] <... close resumed>) = 0 [pid 5128] <... openat resumed>) = 3 [pid 5127] <... write resumed>) = 524288 [pid 5125] <... symlink resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5129] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5128] write(3, "1000", 4 [pid 5127] munmap(0x7f6220e00000, 138412032 [pid 5125] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5129] memfd_create("syzkaller", 0 [pid 5128] <... write resumed>) = 4 [pid 5129] <... memfd_create resumed>) = 3 [pid 5127] <... munmap resumed>) = 0 [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5128] close(3 [pid 5127] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5130 [pid 5129] <... mmap resumed>) = 0x7f6220e00000 [pid 5128] <... close resumed>) = 0 [pid 5128] symlink("/dev/binderfs", "./binderfs" [pid 5127] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5130 attached [pid 5128] <... symlink resumed>) = 0 [pid 5127] ioctl(4, LOOP_SET_FD, 3 [pid 5130] set_robust_list(0x5555645e8660, 24 [pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5125] <... creat resumed>) = 4 [pid 5130] <... set_robust_list resumed>) = 0 [pid 5128] memfd_create("syzkaller", 0 [pid 5130] chdir("./4") = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5126] <... ioctl resumed>) = 0 [pid 5130] <... prctl resumed>) = 0 [pid 5126] close(3 [pid 5130] setpgid(0, 0 [pid 5126] <... close resumed>) = 0 [pid 5130] <... setpgid resumed>) = 0 [pid 5126] close(4 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5126] <... close resumed>) = 0 [pid 5126] mkdir("./bus", 0777 [pid 5130] <... openat resumed>) = 3 [pid 5130] write(3, "1000", 4) = 4 [pid 5126] <... mkdir resumed>) = 0 [pid 5130] close(3 [pid 5126] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5130] <... close resumed>) = 0 [pid 5130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5130] memfd_create("syzkaller", 0 [pid 5129] <... write resumed>) = 524288 [pid 5128] <... memfd_create resumed>) = 3 [pid 5127] <... ioctl resumed>) = 0 [pid 5125] rename("./bus", "./file2" [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5127] close(3) = 0 [pid 5127] close(4 [pid 5130] <... memfd_create resumed>) = 3 [pid 5128] <... mmap resumed>) = 0x7f6220e00000 [pid 5127] <... close resumed>) = 0 [pid 5125] <... rename resumed>) = -1 EEXIST (File exists) [pid 5127] mkdir("./bus", 0777 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5127] <... mkdir resumed>) = 0 [pid 5127] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5125] memfd_create("syzkaller", 0 [pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5126] <... mount resumed>) = 0 [pid 5125] <... memfd_create resumed>) = 5 [pid 5126] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [ 115.481468][ T5126] loop2: detected capacity change from 0 to 1024 [ 115.521063][ T5127] loop4: detected capacity change from 0 to 1024 [pid 5126] chdir("./bus" [pid 5129] munmap(0x7f6220e00000, 138412032 [pid 5126] <... chdir resumed>) = 0 [pid 5129] <... munmap resumed>) = 0 [pid 5126] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5126] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5129] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5129] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5128] <... write resumed>) = 524288 [pid 5125] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5130] <... write resumed>) = 524288 [pid 5126] <... symlink resumed>) = 0 [pid 5130] munmap(0x7f6220e00000, 138412032 [pid 5129] close(3 [pid 5127] <... mount resumed>) = 0 [pid 5126] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5125] <... write resumed>) = 524288 [pid 5128] munmap(0x7f6220e00000, 138412032 [pid 5127] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5130] <... munmap resumed>) = 0 [pid 5129] <... close resumed>) = 0 [pid 5128] <... munmap resumed>) = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5129] close(4 [pid 5127] <... openat resumed>) = 3 [pid 5130] <... openat resumed>) = 4 [pid 5129] <... close resumed>) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5127] chdir("./bus" [pid 5126] <... creat resumed>) = 4 [pid 5130] ioctl(4, LOOP_SET_FD, 3 [pid 5129] mkdir("./bus", 0777 [pid 5128] <... openat resumed>) = 4 [pid 5127] <... chdir resumed>) = 0 [pid 5126] rename("./bus", "./file2" [pid 5129] <... mkdir resumed>) = 0 [pid 5128] ioctl(4, LOOP_SET_FD, 3 [pid 5127] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5126] <... rename resumed>) = -1 EEXIST (File exists) [pid 5125] munmap(0x7f6220e00000, 138412032 [pid 5126] memfd_create("syzkaller", 0 [pid 5127] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5126] <... memfd_create resumed>) = 5 [ 115.568171][ T5129] loop5: detected capacity change from 0 to 1024 [ 115.603249][ T5130] loop0: detected capacity change from 0 to 1024 [pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5129] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5126] <... mmap resumed>) = 0x7f6220e00000 [pid 5126] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5125] <... munmap resumed>) = 0 [pid 5127] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5126] <... write resumed>) = 524288 [pid 5125] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5130] <... ioctl resumed>) = 0 [pid 5130] close(3) = 0 [pid 5125] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5130] close(4) = 0 [pid 5130] mkdir("./bus", 0777) = 0 [pid 5129] <... mount resumed>) = 0 [pid 5128] <... ioctl resumed>) = 0 [pid 5127] <... symlink resumed>) = 0 [pid 5125] close(5 [pid 5128] close(3 [pid 5127] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5129] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5130] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5129] <... openat resumed>) = 3 [pid 5129] chdir("./bus" [pid 5128] <... close resumed>) = 0 [pid 5129] <... chdir resumed>) = 0 [pid 5128] close(4 [pid 5129] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5128] <... close resumed>) = 0 [pid 5128] mkdir("./bus", 0777 [pid 5129] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5128] <... mkdir resumed>) = 0 [pid 5127] <... creat resumed>) = 4 [pid 5127] rename("./bus", "./file2" [ 115.616779][ T5128] loop3: detected capacity change from 0 to 1024 [pid 5128] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5129] <... symlink resumed>) = 0 [pid 5128] <... mount resumed>) = 0 [pid 5127] <... rename resumed>) = -1 EEXIST (File exists) [pid 5126] munmap(0x7f6220e00000, 138412032 [pid 5125] <... close resumed>) = 0 [pid 5128] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5127] memfd_create("syzkaller", 0 [pid 5125] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5128] <... openat resumed>) = 3 [pid 5127] <... memfd_create resumed>) = 5 [pid 5126] <... munmap resumed>) = 0 [pid 5128] chdir("./bus" [pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5129] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5128] <... chdir resumed>) = 0 [pid 5127] <... mmap resumed>) = 0x7f6220e00000 [pid 5128] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5126] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5128] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5126] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5128] <... symlink resumed>) = 0 [pid 5126] close(5 [pid 5128] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5127] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5129] <... creat resumed>) = 4 [pid 5130] <... mount resumed>) = 0 [pid 5129] rename("./bus", "./file2" [pid 5130] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5130] chdir("./bus") = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5130] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5128] <... creat resumed>) = 4 [pid 5129] <... rename resumed>) = -1 EEXIST (File exists) [pid 5130] <... symlink resumed>) = 0 [pid 5129] memfd_create("syzkaller", 0 [pid 5126] <... close resumed>) = 0 [pid 5130] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5129] <... memfd_create resumed>) = 5 [pid 5128] rename("./bus", "./file2" [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5125] <... open resumed>) = 5 [pid 5129] <... mmap resumed>) = 0x7f6220e00000 [pid 5129] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5128] <... rename resumed>) = -1 EEXIST (File exists) [pid 5126] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5128] memfd_create("syzkaller", 0 [pid 5125] ftruncate(5, 0) = 0 [pid 5128] <... memfd_create resumed>) = 5 [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5127] <... write resumed>) = 524288 [pid 5125] exit_group(0 [pid 5128] <... mmap resumed>) = 0x7f6220e00000 [pid 5127] munmap(0x7f6220e00000, 138412032 [pid 5125] <... exit_group resumed>) = ? [pid 5130] <... creat resumed>) = 4 [pid 5130] rename("./bus", "./file2" [pid 5125] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5126] <... open resumed>) = 5 [pid 5126] ftruncate(5, 0) = 0 [pid 5090] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5126] exit_group(0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5126] <... exit_group resumed>) = ? [pid 5090] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5128] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5127] <... munmap resumed>) = 0 [pid 5126] +++ exited with 0 +++ [pid 5127] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... openat resumed>) = 3 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5127] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] newfstatat(3, "", [pid 5130] <... rename resumed>) = -1 EEXIST (File exists) [pid 5127] close(5 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5130] memfd_create("syzkaller", 0 [pid 5091] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5130] <... memfd_create resumed>) = 5 [pid 5129] <... write resumed>) = 524288 [pid 5091] <... openat resumed>) = 3 [pid 5090] getdents64(3, [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] newfstatat(3, "", [pid 5130] <... mmap resumed>) = 0x7f6220e00000 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5130] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5128] <... write resumed>) = 524288 [pid 5091] getdents64(3, [pid 5090] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5129] munmap(0x7f6220e00000, 138412032 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5129] <... munmap resumed>) = 0 [pid 5091] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5129] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5130] <... write resumed>) = 524288 [pid 5129] close(5) = 0 [pid 5128] munmap(0x7f6220e00000, 138412032 [pid 5127] <... close resumed>) = 0 [pid 5130] munmap(0x7f6220e00000, 138412032) = 0 [pid 5128] <... munmap resumed>) = 0 [pid 5127] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5091] <... umount2 resumed>) = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5090] <... umount2 resumed>) = 0 [pid 5130] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5129] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5090] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5130] close(5 [pid 5128] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] newfstatat(4, "", [pid 5128] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5129] <... open resumed>) = 5 [pid 5128] close(5 [pid 5091] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5091] newfstatat(AT_FDCWD, "./4/bus", [pid 5090] rmdir("./4/bus" [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5091] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5129] ftruncate(5, 0 [pid 5127] <... open resumed>) = 5 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5129] <... ftruncate resumed>) = 0 [pid 5127] ftruncate(5, 0 [pid 5091] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5129] exit_group(0 [pid 5127] <... ftruncate resumed>) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5090] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5129] <... exit_group resumed>) = ? [pid 5091] newfstatat(4, "", [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5129] +++ exited with 0 +++ [pid 5128] <... close resumed>) = 0 [pid 5127] exit_group(0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5130] <... close resumed>) = 0 [pid 5091] getdents64(4, [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5127] <... exit_group resumed>) = ? [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] unlink("./4/binderfs" [pid 5091] getdents64(4, [pid 5090] <... unlink resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5090] getdents64(3, [pid 5091] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] close(3 [pid 5091] rmdir("./4/bus" [pid 5128] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5090] <... close resumed>) = 0 [pid 5095] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5130] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5090] rmdir("./4" [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... rmdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5130] <... open resumed>) = 5 [pid 5127] +++ exited with 0 +++ [pid 5095] <... openat resumed>) = 3 [pid 5090] mkdir("./5", 0777 [pid 5095] newfstatat(3, "", [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5090] <... mkdir resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] getdents64(3, [pid 5130] ftruncate(5, 0 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... openat resumed>) = 3 [pid 5095] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5130] <... ftruncate resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5091] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5094] newfstatat(3, "", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5130] exit_group(0 [pid 5091] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5130] <... exit_group resumed>) = ? [pid 5094] getdents64(3, [pid 5091] unlink("./4/binderfs" [pid 5130] +++ exited with 0 +++ [pid 5128] <... open resumed>) = 5 [pid 5095] <... umount2 resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5091] <... unlink resumed>) = 0 [pid 5095] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5095] newfstatat(AT_FDCWD, "./4/bus", [pid 5128] ftruncate(5, 0 [pid 5089] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... restart_syscall resumed>) = 0 [pid 5089] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5128] <... ftruncate resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5128] exit_group(0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... openat resumed>) = 3 [pid 5128] <... exit_group resumed>) = ? [pid 5095] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5089] getdents64(3, [pid 5095] newfstatat(4, "", [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5091] getdents64(3, [pid 5089] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] close(3 [pid 5128] +++ exited with 0 +++ [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... close resumed>) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5089] <... umount2 resumed>) = 0 [pid 5095] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] rmdir("./4" [pid 5089] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5095] close(4 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... close resumed>) = 0 [pid 5092] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] rmdir("./4/bus" [pid 5092] <... openat resumed>) = 3 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5091] mkdir("./5", 0777 [pid 5089] newfstatat(AT_FDCWD, "./4/bus", [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... mkdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5094] newfstatat(AT_FDCWD, "./4/bus", [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] unlink("./4/binderfs" [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... unlink resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... openat resumed>) = 4 [pid 5094] <... openat resumed>) = 4 [pid 5094] newfstatat(4, "", [pid 5095] getdents64(3, [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5095] close(3 [pid 5094] getdents64(4, [pid 5095] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./4/bus" [pid 5095] rmdir("./4" [pid 5094] <... rmdir resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5090] <... ioctl resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] mkdir("./5", 0777) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5092] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./4/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./4/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] close(3 [pid 5089] getdents64(4, [pid 5095] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./4/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... close resumed>) = 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5094] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] getdents64(4, [pid 5092] <... openat resumed>) = 4 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] close(4 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5131 [pid 5089] <... close resumed>) = 0 [pid 5092] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] rmdir("./4/bus" [pid 5092] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./4/bus" [pid 5089] <... rmdir resumed>) = 0 [pid 5094] unlink("./4/binderfs" [pid 5089] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... unlink resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5131 attached [pid 5089] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5131] set_robust_list(0x5555645e8660, 24 [pid 5094] getdents64(3, [pid 5131] <... set_robust_list resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5131] chdir("./5" [pid 5094] close(3 [pid 5089] unlink("./4/binderfs" [pid 5094] <... close resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5131] <... chdir resumed>) = 0 [pid 5094] rmdir("./4" [pid 5092] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5089] <... unlink resumed>) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... rmdir resumed>) = 0 [pid 5091] <... ioctl resumed>) = 0 [pid 5089] getdents64(3, [pid 5131] <... prctl resumed>) = 0 [pid 5094] mkdir("./5", 0777 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5131] setpgid(0, 0 [pid 5092] unlink("./4/binderfs" [pid 5089] close(3) = 0 [pid 5131] <... setpgid resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5089] rmdir("./4" [pid 5092] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] mkdir("./5", 0777 [pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... close resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] rmdir("./4" [pid 5131] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5092] <... rmdir resumed>) = 0 [pid 5131] write(3, "1000", 4 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] mkdir("./5", 0777 [pid 5089] <... mkdir resumed>) = 0 [pid 5131] <... write resumed>) = 4 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5092] <... mkdir resumed>) = 0 [pid 5131] close(3 [pid 5089] <... openat resumed>) = 3 [pid 5131] <... close resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5131] symlink("/dev/binderfs", "./binderfs" [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5131] <... symlink resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5131] memfd_create("syzkaller", 0) = 3 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5091] close(3 [pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5091] <... close resumed>) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... ioctl resumed>) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5132 [pid 5094] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5132 attached [pid 5132] set_robust_list(0x5555645e8660, 24) = 0 [pid 5132] chdir("./5") = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5092] <... ioctl resumed>) = 0 [pid 5132] write(3, "1000", 4) = 4 [pid 5095] close(3) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5132] close(3) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5132] memfd_create("syzkaller", 0 [pid 5131] <... write resumed>) = 524288 [pid 5094] close(3 [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3 [pid 5094] <... close resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5131] munmap(0x7f6220e00000, 138412032 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5132] <... memfd_create resumed>) = 3 [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5131] <... munmap resumed>) = 0 [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5133 ./strace-static-x86_64: Process 5136 attached ./strace-static-x86_64: Process 5134 attached [pid 5131] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5134 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5136 [pid 5134] set_robust_list(0x5555645e8660, 24 [pid 5131] <... openat resumed>) = 4 [pid 5131] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5133 attached [pid 5133] set_robust_list(0x5555645e8660, 24) = 0 [pid 5133] chdir("./5" [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5135 [pid 5133] <... chdir resumed>) = 0 [pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5133] setpgid(0, 0) = 0 [pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5135 attached [pid 5136] set_robust_list(0x5555645e8660, 24 [pid 5133] <... openat resumed>) = 3 [pid 5134] <... set_robust_list resumed>) = 0 [pid 5136] <... set_robust_list resumed>) = 0 [pid 5134] chdir("./5" [pid 5135] set_robust_list(0x5555645e8660, 24 [pid 5136] chdir("./5" [pid 5135] <... set_robust_list resumed>) = 0 [pid 5133] write(3, "1000", 4 [pid 5135] chdir("./5" [pid 5136] <... chdir resumed>) = 0 [pid 5133] <... write resumed>) = 4 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5133] close(3 [pid 5136] <... prctl resumed>) = 0 [pid 5133] <... close resumed>) = 0 [pid 5136] setpgid(0, 0 [pid 5133] symlink("/dev/binderfs", "./binderfs" [pid 5136] <... setpgid resumed>) = 0 [pid 5133] <... symlink resumed>) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5133] memfd_create("syzkaller", 0 [pid 5135] <... chdir resumed>) = 0 [pid 5136] <... openat resumed>) = 3 [pid 5134] <... chdir resumed>) = 0 [pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5136] write(3, "1000", 4 [pid 5133] <... memfd_create resumed>) = 3 [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5135] <... prctl resumed>) = 0 [pid 5136] <... write resumed>) = 4 [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5134] <... prctl resumed>) = 0 [pid 5135] setpgid(0, 0 [pid 5136] close(3 [pid 5133] <... mmap resumed>) = 0x7f6220e00000 [pid 5134] setpgid(0, 0 [pid 5135] <... setpgid resumed>) = 0 [pid 5136] <... close resumed>) = 0 [pid 5134] <... setpgid resumed>) = 0 [pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5136] symlink("/dev/binderfs", "./binderfs" [pid 5135] <... openat resumed>) = 3 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5132] <... write resumed>) = 524288 [pid 5131] <... ioctl resumed>) = 0 [pid 5135] write(3, "1000", 4 [pid 5136] <... symlink resumed>) = 0 [pid 5134] <... openat resumed>) = 3 [pid 5132] munmap(0x7f6220e00000, 138412032 [pid 5135] <... write resumed>) = 4 [pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5132] <... munmap resumed>) = 0 [pid 5135] close(3 [pid 5133] <... write resumed>) = 524288 [pid 5135] <... close resumed>) = 0 [pid 5135] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5132] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5135] memfd_create("syzkaller", 0 [pid 5136] memfd_create("syzkaller", 0 [pid 5134] write(3, "1000", 4 [pid 5132] <... openat resumed>) = 4 [ 116.034231][ T5131] loop1: detected capacity change from 0 to 1024 [pid 5131] close(3 [pid 5135] <... memfd_create resumed>) = 3 [pid 5132] ioctl(4, LOOP_SET_FD, 3 [pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5136] <... memfd_create resumed>) = 3 [pid 5134] <... write resumed>) = 4 [pid 5131] <... close resumed>) = 0 [pid 5135] <... mmap resumed>) = 0x7f6220e00000 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5134] close(3 [pid 5131] close(4 [pid 5135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5136] <... mmap resumed>) = 0x7f6220e00000 [pid 5134] <... close resumed>) = 0 [pid 5131] <... close resumed>) = 0 [pid 5131] mkdir("./bus", 0777 [pid 5134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5134] memfd_create("syzkaller", 0 [pid 5131] <... mkdir resumed>) = 0 [pid 5134] <... memfd_create resumed>) = 3 [pid 5131] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5134] <... mmap resumed>) = 0x7f6220e00000 [pid 5133] munmap(0x7f6220e00000, 138412032) = 0 [pid 5133] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5132] <... ioctl resumed>) = 0 [pid 5132] close(3 [pid 5135] <... write resumed>) = 524288 [ 116.080093][ T5132] loop2: detected capacity change from 0 to 1024 [pid 5133] ioctl(4, LOOP_SET_FD, 3 [pid 5132] <... close resumed>) = 0 [pid 5132] close(4) = 0 [pid 5132] mkdir("./bus", 0777 [pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5132] <... mkdir resumed>) = 0 [pid 5132] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5135] munmap(0x7f6220e00000, 138412032) = 0 [pid 5136] <... write resumed>) = 524288 [pid 5131] <... mount resumed>) = 0 [pid 5131] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5134] <... write resumed>) = 524288 [pid 5131] <... openat resumed>) = 3 [pid 5131] chdir("./bus" [pid 5136] munmap(0x7f6220e00000, 138412032 [pid 5131] <... chdir resumed>) = 0 [pid 5135] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5131] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5135] <... openat resumed>) = 4 [pid 5136] <... munmap resumed>) = 0 [pid 5135] ioctl(4, LOOP_SET_FD, 3 [pid 5136] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5133] <... ioctl resumed>) = 0 [pid 5134] munmap(0x7f6220e00000, 138412032 [pid 5131] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5136] <... openat resumed>) = 4 [pid 5133] close(3 [pid 5134] <... munmap resumed>) = 0 [pid 5131] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5136] ioctl(4, LOOP_SET_FD, 3 [pid 5133] <... close resumed>) = 0 [pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5133] close(4) = 0 [pid 5132] <... mount resumed>) = 0 [pid 5133] mkdir("./bus", 0777 [pid 5132] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5132] chdir("./bus") = 0 [ 116.121181][ T5133] loop5: detected capacity change from 0 to 1024 [ 116.157172][ T5135] loop3: detected capacity change from 0 to 1024 [pid 5132] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5132] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5135] <... ioctl resumed>) = 0 [pid 5136] <... ioctl resumed>) = 0 [pid 5133] <... mkdir resumed>) = 0 [pid 5134] <... openat resumed>) = 4 [pid 5135] close(3 [pid 5136] close(3 [pid 5133] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5134] ioctl(4, LOOP_SET_FD, 3 [pid 5135] <... close resumed>) = 0 [pid 5131] <... symlink resumed>) = 0 [pid 5131] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5132] <... symlink resumed>) = 0 [pid 5135] close(4 [pid 5134] <... ioctl resumed>) = 0 [pid 5135] <... close resumed>) = 0 [pid 5136] <... close resumed>) = 0 [pid 5135] mkdir("./bus", 0777 [pid 5136] close(4 [pid 5134] close(3 [pid 5136] <... close resumed>) = 0 [pid 5134] <... close resumed>) = 0 [pid 5134] close(4 [pid 5135] <... mkdir resumed>) = 0 [pid 5136] mkdir("./bus", 0777 [pid 5134] <... close resumed>) = 0 [pid 5132] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5131] <... creat resumed>) = 4 [pid 5135] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5136] <... mkdir resumed>) = 0 [pid 5134] mkdir("./bus", 0777 [pid 5131] rename("./bus", "./file2" [pid 5136] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5134] <... mkdir resumed>) = 0 [pid 5134] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5131] <... rename resumed>) = -1 EEXIST (File exists) [pid 5131] memfd_create("syzkaller", 0) = 5 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5131] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5132] <... creat resumed>) = 4 [pid 5132] rename("./bus", "./file2" [pid 5134] <... mount resumed>) = 0 [pid 5132] <... rename resumed>) = -1 EEXIST (File exists) [pid 5134] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5132] memfd_create("syzkaller", 0) = 5 [ 116.167625][ T5136] loop4: detected capacity change from 0 to 1024 [ 116.178042][ T5134] loop0: detected capacity change from 0 to 1024 [pid 5134] chdir("./bus") = 0 [pid 5131] <... write resumed>) = 524288 [pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5134] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5133] <... mount resumed>) = 0 [pid 5132] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5134] <... symlink resumed>) = 0 [pid 5136] <... mount resumed>) = 0 [pid 5136] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5133] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5134] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5135] <... mount resumed>) = 0 [pid 5133] <... openat resumed>) = 3 [pid 5135] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5136] <... openat resumed>) = 3 [pid 5133] chdir("./bus" [pid 5136] chdir("./bus" [pid 5135] chdir("./bus" [pid 5136] <... chdir resumed>) = 0 [pid 5133] <... chdir resumed>) = 0 [pid 5131] munmap(0x7f6220e00000, 138412032 [pid 5133] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5132] <... write resumed>) = 524288 [pid 5131] <... munmap resumed>) = 0 [pid 5131] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5135] <... chdir resumed>) = 0 [pid 5134] <... creat resumed>) = 4 [pid 5136] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5134] rename("./bus", "./file2" [pid 5136] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5136] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5133] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5131] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5131] close(5 [pid 5132] munmap(0x7f6220e00000, 138412032 [pid 5135] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5136] <... symlink resumed>) = 0 [pid 5135] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5136] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5133] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5135] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5134] <... rename resumed>) = -1 EEXIST (File exists) [pid 5134] memfd_create("syzkaller", 0) = 5 [pid 5135] <... symlink resumed>) = 0 [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5132] <... munmap resumed>) = 0 [pid 5133] <... symlink resumed>) = 0 [pid 5134] <... mmap resumed>) = 0x7f6220e00000 [pid 5133] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5135] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5132] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5135] <... creat resumed>) = 4 [pid 5133] <... creat resumed>) = 4 [pid 5134] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5131] <... close resumed>) = 0 [pid 5135] rename("./bus", "./file2" [pid 5136] <... creat resumed>) = 4 [pid 5133] rename("./bus", "./file2" [pid 5136] rename("./bus", "./file2" [pid 5132] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5135] <... rename resumed>) = -1 EEXIST (File exists) [pid 5136] <... rename resumed>) = -1 EEXIST (File exists) [pid 5133] <... rename resumed>) = -1 EEXIST (File exists) [pid 5132] close(5 [pid 5131] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5135] memfd_create("syzkaller", 0 [pid 5136] memfd_create("syzkaller", 0 [pid 5133] memfd_create("syzkaller", 0 [pid 5132] <... close resumed>) = 0 [pid 5135] <... memfd_create resumed>) = 5 [pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5136] <... memfd_create resumed>) = 5 [pid 5133] <... memfd_create resumed>) = 5 [pid 5135] <... mmap resumed>) = 0x7f6220e00000 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5136] <... mmap resumed>) = 0x7f6220e00000 [pid 5133] <... mmap resumed>) = 0x7f6220e00000 [pid 5136] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5134] <... write resumed>) = 524288 [pid 5131] <... open resumed>) = 5 [pid 5133] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5134] munmap(0x7f6220e00000, 138412032 [pid 5135] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5132] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5131] ftruncate(5, 0 [pid 5134] <... munmap resumed>) = 0 [pid 5131] <... ftruncate resumed>) = 0 [pid 5131] exit_group(0) = ? [pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5135] <... write resumed>) = 524288 [pid 5134] close(5 [pid 5131] +++ exited with 0 +++ [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5090] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5133] <... write resumed>) = 524288 [pid 5090] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5133] munmap(0x7f6220e00000, 138412032 [pid 5136] <... write resumed>) = 524288 [pid 5133] <... munmap resumed>) = 0 [pid 5132] <... open resumed>) = 5 [pid 5135] munmap(0x7f6220e00000, 138412032 [pid 5133] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5132] ftruncate(5, 0 [pid 5135] <... munmap resumed>) = 0 [pid 5133] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5132] <... ftruncate resumed>) = 0 [pid 5132] exit_group(0 [pid 5133] close(5 [pid 5134] <... close resumed>) = 0 [pid 5132] <... exit_group resumed>) = ? [pid 5132] +++ exited with 0 +++ [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5135] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5136] munmap(0x7f6220e00000, 138412032 [pid 5134] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5136] <... munmap resumed>) = 0 [pid 5091] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5136] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... umount2 resumed>) = 0 [pid 5135] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5136] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] <... openat resumed>) = 3 [pid 5135] close(5 [pid 5136] close(5 [pid 5091] newfstatat(3, "", [pid 5135] <... close resumed>) = 0 [pid 5136] <... close resumed>) = 0 [pid 5133] <... close resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] getdents64(3, [pid 5135] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5136] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5133] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5134] <... open resumed>) = 5 [pid 5091] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5134] ftruncate(5, 0 [pid 5135] <... open resumed>) = 5 [pid 5136] <... open resumed>) = 5 [pid 5133] <... open resumed>) = 5 [pid 5091] <... umount2 resumed>) = 0 [pid 5090] newfstatat(4, "", [pid 5135] ftruncate(5, 0) = 0 [pid 5136] ftruncate(5, 0 [pid 5133] ftruncate(5, 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5135] exit_group(0 [pid 5134] <... ftruncate resumed>) = 0 [pid 5090] getdents64(4, [pid 5136] <... ftruncate resumed>) = 0 [pid 5134] exit_group(0 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5135] <... exit_group resumed>) = ? [pid 5136] exit_group(0 [pid 5090] getdents64(4, [pid 5134] <... exit_group resumed>) = ? [pid 5135] +++ exited with 0 +++ [pid 5136] <... exit_group resumed>) = ? [pid 5133] <... ftruncate resumed>) = 0 [pid 5134] +++ exited with 0 +++ [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5091] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] close(4 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5091] newfstatat(AT_FDCWD, "./5/bus", [pid 5089] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 3 [pid 5133] exit_group(0 [pid 5092] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(3, "", [pid 5133] <... exit_group resumed>) = ? [pid 5092] <... openat resumed>) = 3 [pid 5091] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] newfstatat(3, "", [pid 5091] <... openat resumed>) = 4 [pid 5089] getdents64(3, [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] newfstatat(4, "", [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] getdents64(3, [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5091] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] rmdir("./5/bus" [pid 5092] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5091] close(4 [pid 5090] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] rmdir("./5/bus" [pid 5090] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5133] +++ exited with 0 +++ [pid 5136] +++ exited with 0 +++ [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5090] unlink("./5/binderfs" [pid 5091] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... unlink resumed>) = 0 [pid 5095] restart_syscall(<... resuming interrupted clone ...> [pid 5091] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5090] getdents64(3, [pid 5089] <... umount2 resumed>) = 0 [pid 5095] <... restart_syscall resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] unlink("./5/binderfs" [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] <... unlink resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] getdents64(3, [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] close(3 [pid 5095] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5091] <... close resumed>) = 0 [pid 5090] close(3 [pid 5094] newfstatat(3, "", [pid 5095] newfstatat(3, "", [pid 5091] rmdir("./5" [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5094] getdents64(3, [pid 5090] rmdir("./5" [pid 5095] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] mkdir("./6", 0777 [pid 5090] <... rmdir resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] mkdir("./6", 0777 [pid 5089] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... mkdir resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5089] newfstatat(AT_FDCWD, "./5/bus", [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... umount2 resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5089] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5092] <... umount2 resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./5/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... openat resumed>) = 4 [pid 5092] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] newfstatat(4, "", [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5089] getdents64(4, [pid 5092] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, [pid 5089] getdents64(4, [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] getdents64(4, [pid 5089] close(4 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5089] <... close resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5089] rmdir("./5/bus" [pid 5092] rmdir("./5/bus") = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5092] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = 0 [pid 5092] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5089] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] newfstatat(AT_FDCWD, "./5/bus", [pid 5094] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] unlink("./5/binderfs" [pid 5089] unlink("./5/binderfs" [pid 5094] newfstatat(AT_FDCWD, "./5/bus", [pid 5095] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5089] <... unlink resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./5/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] getdents64(3, [pid 5095] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] openat(AT_FDCWD, "./5/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] close(3 [pid 5095] <... openat resumed>) = 4 [pid 5089] <... close resumed>) = 0 [pid 5095] newfstatat(4, "", [pid 5089] rmdir("./5" [pid 5094] <... openat resumed>) = 4 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] newfstatat(4, "", [pid 5092] getdents64(3, [pid 5089] <... rmdir resumed>) = 0 [pid 5095] getdents64(4, [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] close(3 [pid 5095] getdents64(4, [pid 5094] getdents64(4, [pid 5092] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] rmdir("./5" [pid 5095] close(4 [pid 5094] getdents64(4, [pid 5089] mkdir("./6", 0777 [pid 5095] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5095] rmdir("./5/bus" [pid 5094] close(4 [pid 5092] mkdir("./6", 0777 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... rmdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5095] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] rmdir("./5/bus" [pid 5092] <... mkdir resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... rmdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] <... ioctl resumed>) = 0 [pid 5095] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5094] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] unlink("./5/binderfs" [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5095] <... unlink resumed>) = 0 [pid 5094] unlink("./5/binderfs" [pid 5091] close(3 [pid 5094] <... unlink resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5095] getdents64(3, [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] close(3./strace-static-x86_64: Process 5137 attached ) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5137 [pid 5090] <... ioctl resumed>) = 0 [pid 5095] rmdir("./5" [pid 5094] getdents64(3, [pid 5137] set_robust_list(0x5555645e8660, 24) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] close(3) = 0 [pid 5094] close(3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./5") = 0 [pid 5095] mkdir("./6", 0777) = 0 [pid 5094] mkdir("./6", 0777 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5138 [pid 5094] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5137] chdir("./6"./strace-static-x86_64: Process 5138 attached [pid 5138] set_robust_list(0x5555645e8660, 24 [pid 5137] <... chdir resumed>) = 0 [pid 5138] <... set_robust_list resumed>) = 0 [pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5138] chdir("./6" [pid 5137] <... prctl resumed>) = 0 [pid 5137] setpgid(0, 0) = 0 [pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3 [pid 5138] <... chdir resumed>) = 0 [pid 5137] <... openat resumed>) = 3 [pid 5092] <... ioctl resumed>) = 0 [pid 5137] write(3, "1000", 4 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5137] <... write resumed>) = 4 [pid 5094] <... ioctl resumed>) = 0 [pid 5092] close(3 [pid 5089] <... close resumed>) = 0 [pid 5137] close(3 [pid 5138] setpgid(0, 0 [pid 5137] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5138] <... setpgid resumed>) = 0 [pid 5137] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... close resumed>) = 0 [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5139 [pid 5138] write(3, "1000", 4) = 4 [pid 5138] close(3 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5139 attached [pid 5138] <... close resumed>) = 0 [pid 5139] set_robust_list(0x5555645e8660, 24 [pid 5138] symlink("/dev/binderfs", "./binderfs" [pid 5139] <... set_robust_list resumed>) = 0 [pid 5138] <... symlink resumed>) = 0 [pid 5139] chdir("./6" [pid 5138] memfd_create("syzkaller", 0 [pid 5139] <... chdir resumed>) = 0 [pid 5138] <... memfd_create resumed>) = 3 [pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5139] <... prctl resumed>) = 0 [pid 5138] <... mmap resumed>) = 0x7f6220e00000 [pid 5139] setpgid(0, 0 [pid 5137] <... symlink resumed>) = 0 [pid 5095] <... ioctl resumed>) = 0 [pid 5139] <... setpgid resumed>) = 0 [pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5139] write(3, "1000", 4) = 4 [pid 5139] close(3) = 0 [pid 5139] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5139] memfd_create("syzkaller", 0) = 3 [pid 5094] close(3 [pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5094] <... close resumed>) = 0 [pid 5139] <... mmap resumed>) = 0x7f6220e00000 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5139] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288./strace-static-x86_64: Process 5140 attached ./strace-static-x86_64: Process 5141 attached [pid 5138] <... write resumed>) = 524288 [pid 5137] memfd_create("syzkaller", 0 [pid 5095] close(3 [pid 5140] set_robust_list(0x5555645e8660, 24 [pid 5141] set_robust_list(0x5555645e8660, 24 [pid 5139] <... write resumed>) = 524288 [pid 5137] <... memfd_create resumed>) = 3 [pid 5095] <... close resumed>) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5141 [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5140 [pid 5140] <... set_robust_list resumed>) = 0 [pid 5140] chdir("./6" [pid 5141] <... set_robust_list resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5141] chdir("./6" [pid 5138] munmap(0x7f6220e00000, 138412032 [pid 5140] <... chdir resumed>) = 0 [pid 5141] <... chdir resumed>) = 0 [pid 5138] <... munmap resumed>) = 0 [pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5141] <... prctl resumed>) = 0 [pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5142 [pid 5138] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5137] <... mmap resumed>) = 0x7f6220e00000 [pid 5140] <... prctl resumed>) = 0 [pid 5140] setpgid(0, 0 [pid 5141] setpgid(0, 0 [pid 5138] <... openat resumed>) = 4 [pid 5140] <... setpgid resumed>) = 0 [pid 5141] <... setpgid resumed>) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5138] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5142 attached [pid 5140] <... openat resumed>) = 3 [pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5142] set_robust_list(0x5555645e8660, 24) = 0 [pid 5140] write(3, "1000", 4 [pid 5142] chdir("./6" [pid 5140] <... write resumed>) = 4 [pid 5141] <... openat resumed>) = 3 [pid 5140] close(3) = 0 [pid 5141] write(3, "1000", 4 [pid 5140] symlink("/dev/binderfs", "./binderfs" [pid 5141] <... write resumed>) = 4 [pid 5141] close(3) = 0 [pid 5141] symlink("/dev/binderfs", "./binderfs" [pid 5140] <... symlink resumed>) = 0 [pid 5141] <... symlink resumed>) = 0 [pid 5139] munmap(0x7f6220e00000, 138412032 [pid 5142] <... chdir resumed>) = 0 [pid 5140] memfd_create("syzkaller", 0 [pid 5141] memfd_create("syzkaller", 0 [pid 5139] <... munmap resumed>) = 0 [pid 5140] <... memfd_create resumed>) = 3 [pid 5141] <... memfd_create resumed>) = 3 [pid 5139] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5139] ioctl(4, LOOP_SET_FD, 3 [pid 5142] <... prctl resumed>) = 0 [pid 5140] <... mmap resumed>) = 0x7f6220e00000 [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5137] <... write resumed>) = 524288 [pid 5142] setpgid(0, 0 [pid 5141] <... mmap resumed>) = 0x7f6220e00000 [pid 5142] <... setpgid resumed>) = 0 [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5139] <... ioctl resumed>) = 0 [pid 5138] <... ioctl resumed>) = 0 [pid 5137] munmap(0x7f6220e00000, 138412032 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5139] close(3 [pid 5138] close(3 [pid 5139] <... close resumed>) = 0 [pid 5138] <... close resumed>) = 0 [pid 5139] close(4 [pid 5138] close(4 [pid 5137] <... munmap resumed>) = 0 [pid 5142] <... openat resumed>) = 3 [pid 5141] <... write resumed>) = 524288 [pid 5139] <... close resumed>) = 0 [pid 5138] <... close resumed>) = 0 [pid 5142] write(3, "1000", 4 [pid 5138] mkdir("./bus", 0777) = 0 [pid 5142] <... write resumed>) = 4 [pid 5139] mkdir("./bus", 0777 [ 116.660771][ T5138] loop1: detected capacity change from 0 to 1024 [ 116.678803][ T5139] loop0: detected capacity change from 0 to 1024 [pid 5138] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5139] <... mkdir resumed>) = 0 [pid 5137] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5139] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5142] close(3 [pid 5137] <... openat resumed>) = 4 [pid 5142] <... close resumed>) = 0 [pid 5137] ioctl(4, LOOP_SET_FD, 3 [pid 5142] symlink("/dev/binderfs", "./binderfs" [pid 5141] munmap(0x7f6220e00000, 138412032 [pid 5139] <... mount resumed>) = 0 [pid 5141] <... munmap resumed>) = 0 [pid 5139] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5142] <... symlink resumed>) = 0 [pid 5139] chdir("./bus" [pid 5138] <... mount resumed>) = 0 [pid 5139] <... chdir resumed>) = 0 [pid 5141] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5139] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5138] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5141] <... openat resumed>) = 4 [pid 5139] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5138] <... openat resumed>) = 3 [pid 5141] ioctl(4, LOOP_SET_FD, 3 [pid 5139] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5138] chdir("./bus" [pid 5142] memfd_create("syzkaller", 0 [pid 5140] <... write resumed>) = 524288 [pid 5142] <... memfd_create resumed>) = 3 [pid 5140] munmap(0x7f6220e00000, 138412032 [pid 5138] <... chdir resumed>) = 0 [pid 5138] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5139] <... symlink resumed>) = 0 [pid 5138] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5138] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5140] <... munmap resumed>) = 0 [pid 5137] <... ioctl resumed>) = 0 [pid 5137] close(3 [pid 5142] <... mmap resumed>) = 0x7f6220e00000 [pid 5140] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5137] <... close resumed>) = 0 [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5140] <... openat resumed>) = 4 [pid 5141] <... ioctl resumed>) = 0 [pid 5139] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5138] <... symlink resumed>) = 0 [pid 5137] close(4 [pid 5140] ioctl(4, LOOP_SET_FD, 3 [ 116.727412][ T5137] loop2: detected capacity change from 0 to 1024 [ 116.754094][ T5141] loop4: detected capacity change from 0 to 1024 [pid 5141] close(3 [pid 5139] <... creat resumed>) = 4 [pid 5138] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5141] <... close resumed>) = 0 [pid 5139] rename("./bus", "./file2" [pid 5141] close(4 [pid 5139] <... rename resumed>) = -1 EEXIST (File exists) [pid 5141] <... close resumed>) = 0 [pid 5139] memfd_create("syzkaller", 0 [pid 5141] mkdir("./bus", 0777 [pid 5139] <... memfd_create resumed>) = 5 [pid 5138] <... creat resumed>) = 4 [pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5141] <... mkdir resumed>) = 0 [pid 5139] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5138] rename("./bus", "./file2" [pid 5137] <... close resumed>) = 0 [pid 5137] mkdir("./bus", 0777 [pid 5138] <... rename resumed>) = -1 EEXIST (File exists) [pid 5141] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5137] <... mkdir resumed>) = 0 [pid 5138] memfd_create("syzkaller", 0) = 5 [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5141] <... mount resumed>) = 0 [pid 5138] <... mmap resumed>) = 0x7f6220e00000 [pid 5137] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5141] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5142] <... write resumed>) = 524288 [pid 5141] <... openat resumed>) = 3 [pid 5138] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5142] munmap(0x7f6220e00000, 138412032 [pid 5140] <... ioctl resumed>) = 0 [pid 5141] chdir("./bus") = 0 [pid 5142] <... munmap resumed>) = 0 [pid 5140] close(3 [pid 5141] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5140] <... close resumed>) = 0 [pid 5140] close(4 [pid 5141] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5140] <... close resumed>) = 0 [pid 5140] mkdir("./bus", 0777 [pid 5141] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5142] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5140] <... mkdir resumed>) = 0 [pid 5142] <... openat resumed>) = 4 [pid 5140] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5141] <... symlink resumed>) = 0 [pid 5139] <... write resumed>) = 524288 [pid 5141] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5142] ioctl(4, LOOP_SET_FD, 3 [pid 5137] <... mount resumed>) = 0 [ 116.791860][ T5140] loop3: detected capacity change from 0 to 1024 [pid 5137] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5139] munmap(0x7f6220e00000, 138412032) = 0 [pid 5137] chdir("./bus") = 0 [pid 5137] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5141] <... creat resumed>) = 4 [pid 5139] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5137] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5141] rename("./bus", "./file2" [pid 5139] close(5 [pid 5138] <... write resumed>) = 524288 [pid 5137] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5141] <... rename resumed>) = -1 EEXIST (File exists) [pid 5141] memfd_create("syzkaller", 0 [pid 5138] munmap(0x7f6220e00000, 138412032 [pid 5141] <... memfd_create resumed>) = 5 [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5138] <... munmap resumed>) = 0 [pid 5141] <... mmap resumed>) = 0x7f6220e00000 [pid 5138] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5138] close(5 [pid 5142] <... ioctl resumed>) = 0 [pid 5137] <... symlink resumed>) = 0 [pid 5137] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5142] close(3) = 0 [pid 5142] close(4) = 0 [pid 5142] mkdir("./bus", 0777 [pid 5140] <... mount resumed>) = 0 [pid 5141] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5142] <... mkdir resumed>) = 0 [pid 5142] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5140] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5139] <... close resumed>) = 0 [pid 5140] chdir("./bus" [pid 5141] <... write resumed>) = 524288 [pid 5137] <... creat resumed>) = 4 [pid 5140] <... chdir resumed>) = 0 [pid 5140] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5137] rename("./bus", "./file2" [pid 5139] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5140] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5140] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5138] <... close resumed>) = 0 [ 116.842368][ T5142] loop5: detected capacity change from 0 to 1024 [pid 5138] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5137] <... rename resumed>) = -1 EEXIST (File exists) [pid 5137] memfd_create("syzkaller", 0) = 5 [pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5139] <... open resumed>) = 5 [pid 5137] <... mmap resumed>) = 0x7f6220e00000 [pid 5141] munmap(0x7f6220e00000, 138412032 [pid 5139] ftruncate(5, 0 [pid 5141] <... munmap resumed>) = 0 [pid 5139] <... ftruncate resumed>) = 0 [pid 5139] exit_group(0 [pid 5141] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5139] <... exit_group resumed>) = ? [pid 5141] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5140] <... symlink resumed>) = 0 [pid 5140] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5141] close(5) = 0 [pid 5137] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5139] +++ exited with 0 +++ [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5089] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5142] <... mount resumed>) = 0 [pid 5138] <... open resumed>) = 5 [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 5142] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5140] <... creat resumed>) = 4 [pid 5142] <... openat resumed>) = 3 [pid 5140] rename("./bus", "./file2" [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5140] <... rename resumed>) = -1 EEXIST (File exists) [pid 5138] ftruncate(5, 0 [pid 5142] chdir("./bus" [pid 5138] <... ftruncate resumed>) = 0 [pid 5142] <... chdir resumed>) = 0 [pid 5140] memfd_create("syzkaller", 0 [pid 5142] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5140] <... memfd_create resumed>) = 5 [pid 5138] exit_group(0 [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5138] <... exit_group resumed>) = ? [pid 5140] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5138] +++ exited with 0 +++ [pid 5142] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5137] <... write resumed>) = 524288 [pid 5089] <... umount2 resumed>) = 0 [pid 5142] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5090] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5141] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5090] <... openat resumed>) = 3 [pid 5090] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5141] <... open resumed>) = 5 [pid 5090] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5142] <... symlink resumed>) = 0 [pid 5141] ftruncate(5, 0 [pid 5142] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5141] <... ftruncate resumed>) = 0 [pid 5141] exit_group(0) = ? [pid 5137] munmap(0x7f6220e00000, 138412032) = 0 [pid 5089] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5137] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... openat resumed>) = 4 [pid 5089] newfstatat(4, "", [pid 5137] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5090] <... umount2 resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5140] <... write resumed>) = 524288 [pid 5141] +++ exited with 0 +++ [pid 5137] close(5 [pid 5089] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5142] <... creat resumed>) = 4 [pid 5140] munmap(0x7f6220e00000, 138412032 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5089] <... close resumed>) = 0 [pid 5142] rename("./bus", "./file2" [pid 5094] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] rmdir("./6/bus" [pid 5140] <... munmap resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5142] <... rename resumed>) = -1 EEXIST (File exists) [pid 5142] memfd_create("syzkaller", 0) = 5 [pid 5140] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5137] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5140] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5137] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5094] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] <... mmap resumed>) = 0x7f6220e00000 [pid 5090] newfstatat(AT_FDCWD, "./6/bus", [pid 5089] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5094] <... openat resumed>) = 3 [pid 5142] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5140] close(5 [pid 5094] newfstatat(3, "", [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] getdents64(3, [pid 5137] <... open resumed>) = 5 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] unlink("./6/binderfs" [pid 5137] ftruncate(5, 0) = 0 [pid 5094] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... unlink resumed>) = 0 [pid 5137] exit_group(0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] getdents64(3, [pid 5137] <... exit_group resumed>) = ? [pid 5090] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5089] close(3 [pid 5090] newfstatat(4, "", [pid 5089] <... close resumed>) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] rmdir("./6" [pid 5090] getdents64(4, [pid 5089] <... rmdir resumed>) = 0 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5089] mkdir("./7", 0777 [pid 5090] rmdir("./6/bus" [pid 5089] <... mkdir resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5140] <... close resumed>) = 0 [pid 5090] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5090] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5089] <... openat resumed>) = 3 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5137] +++ exited with 0 +++ [pid 5090] unlink("./6/binderfs" [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5090] <... unlink resumed>) = 0 [pid 5091] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5140] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5091] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] getdents64(3, [pid 5090] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5091] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] close(3) = 0 [pid 5090] rmdir("./6") = 0 [pid 5090] mkdir("./7", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5142] <... write resumed>) = 524288 [pid 5142] munmap(0x7f6220e00000, 138412032 [pid 5140] <... open resumed>) = 5 [pid 5094] <... umount2 resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5094] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5142] <... munmap resumed>) = 0 [pid 5140] ftruncate(5, 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] newfstatat(AT_FDCWD, "./6/bus", [pid 5140] <... ftruncate resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5140] exit_group(0 [pid 5094] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] <... ioctl resumed>) = 0 [pid 5140] <... exit_group resumed>) = ? [pid 5140] +++ exited with 0 +++ [pid 5094] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5142] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... openat resumed>) = 4 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5094] newfstatat(4, "", [pid 5091] newfstatat(AT_FDCWD, "./6/bus", [pid 5142] close(5 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] <... restart_syscall resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5142] <... close resumed>) = 0 [pid 5094] getdents64(4, [pid 5091] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] newfstatat(4, "", [pid 5094] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] newfstatat(3, "", [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] close(4 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] getdents64(3, [pid 5091] getdents64(4, [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] rmdir("./6/bus" [pid 5092] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5094] <... rmdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] close(4 [pid 5142] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5089] close(3 [pid 5094] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5091] rmdir("./6/bus" [pid 5089] <... close resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./6/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... rmdir resumed>) = 0 [pid 5094] unlink("./6/binderfs" [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] close(3 [pid 5092] <... openat resumed>) = 4 [pid 5090] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... unlink resumed>) = 0 [pid 5094] getdents64(3, [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5143 [pid 5091] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] close(3 [pid 5092] newfstatat(4, "", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] newfstatat(AT_FDCWD, "./6/binderfs", ./strace-static-x86_64: Process 5143 attached [pid 5092] getdents64(4, [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5143] set_robust_list(0x5555645e8660, 24 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5143] <... set_robust_list resumed>) = 0 [pid 5091] unlink("./6/binderfs" [pid 5094] rmdir("./6" [pid 5142] <... open resumed>) = 5 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./6/bus") = 0 [pid 5091] <... unlink resumed>) = 0 ./strace-static-x86_64: Process 5144 attached [pid 5142] ftruncate(5, 0 [pid 5092] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5144 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] unlink("./6/binderfs") = 0 [pid 5092] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5144] set_robust_list(0x5555645e8660, 24 [pid 5142] <... ftruncate resumed>) = 0 [pid 5092] rmdir("./6") = 0 [pid 5144] <... set_robust_list resumed>) = 0 [pid 5142] exit_group(0) = ? [pid 5143] chdir("./7" [pid 5142] +++ exited with 0 +++ [pid 5094] mkdir("./7", 0777 [pid 5091] getdents64(3, [pid 5143] <... chdir resumed>) = 0 [pid 5144] chdir("./7") = 0 [pid 5092] mkdir("./7", 0777) = 0 [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] setpgid(0, 0) = 0 [pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5143] <... prctl resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5091] close(3 [pid 5144] write(3, "1000", 4) = 4 [pid 5144] close(3 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5144] <... close resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5144] symlink("/dev/binderfs", "./binderfs" [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5144] <... symlink resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5143] setpgid(0, 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] close(3 [pid 5091] <... close resumed>) = 0 [pid 5143] <... setpgid resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5092] <... close resumed>) = 0 [pid 5144] memfd_create("syzkaller", 0 [pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] rmdir("./6" [pid 5144] <... memfd_create resumed>) = 3 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5143] <... openat resumed>) = 3 [pid 5095] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... rmdir resumed>) = 0 [pid 5144] <... mmap resumed>) = 0x7f6220e00000 [pid 5143] write(3, "1000", 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] mkdir("./7", 0777 [pid 5143] <... write resumed>) = 4 [pid 5095] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5143] close(3 [pid 5095] <... openat resumed>) = 3 [pid 5091] <... mkdir resumed>) = 0 [pid 5143] <... close resumed>) = 0 [pid 5095] newfstatat(3, "", [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5143] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5145 [pid 5091] <... openat resumed>) = 3 [pid 5143] <... symlink resumed>) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [ 117.132118][ T28] kauditd_printk_skb: 31 callbacks suppressed [ 117.132144][ T28] audit: type=1800 audit(1713724087.478:43): pid=5142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop5" ino=20 res=0 errno=0 [pid 5143] memfd_create("syzkaller", 0 [pid 5095] getdents64(3, [pid 5143] <... memfd_create resumed>) = 3 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5145 attached [pid 5145] set_robust_list(0x5555645e8660, 24 [pid 5144] <... write resumed>) = 524288 [pid 5143] <... mmap resumed>) = 0x7f6220e00000 [pid 5095] <... umount2 resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5094] close(3) = 0 [pid 5145] <... set_robust_list resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5146 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5145] chdir("./7"./strace-static-x86_64: Process 5146 attached [pid 5095] newfstatat(AT_FDCWD, "./6/bus", [pid 5143] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5146] set_robust_list(0x5555645e8660, 24 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5146] <... set_robust_list resumed>) = 0 [pid 5145] <... chdir resumed>) = 0 [pid 5146] chdir("./7") = 0 [pid 5144] munmap(0x7f6220e00000, 138412032 [pid 5095] umount2("./6/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] <... munmap resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5146] setpgid(0, 0 [pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5146] <... setpgid resumed>) = 0 [pid 5145] setpgid(0, 0 [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5145] <... setpgid resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./6/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5146] <... openat resumed>) = 3 [pid 5146] write(3, "1000", 4 [pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5144] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5143] <... write resumed>) = 524288 [pid 5095] newfstatat(4, "", [pid 5146] <... write resumed>) = 4 [pid 5144] <... openat resumed>) = 4 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5145] <... openat resumed>) = 3 [pid 5144] ioctl(4, LOOP_SET_FD, 3 [pid 5095] getdents64(4, [pid 5146] close(3 [pid 5145] write(3, "1000", 4 [pid 5144] <... ioctl resumed>) = 0 [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] <... ioctl resumed>) = 0 [pid 5146] <... close resumed>) = 0 [pid 5145] <... write resumed>) = 4 [pid 5146] symlink("/dev/binderfs", "./binderfs" [pid 5145] close(3 [pid 5143] munmap(0x7f6220e00000, 138412032 [pid 5095] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5146] <... symlink resumed>) = 0 [pid 5145] <... close resumed>) = 0 [pid 5095] close(4 [pid 5145] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./6/bus" [pid 5145] <... symlink resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5095] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5146] memfd_create("syzkaller", 0 [pid 5145] memfd_create("syzkaller", 0 [pid 5143] <... munmap resumed>) = 0 [pid 5095] unlink("./6/binderfs" [pid 5145] <... memfd_create resumed>) = 3 [pid 5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... unlink resumed>) = 0 [pid 5091] close(3) = 0 [pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5143] <... openat resumed>) = 4 [pid 5146] <... memfd_create resumed>) = 3 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5147 attached [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5145] <... mmap resumed>) = 0x7f6220e00000 [pid 5143] ioctl(4, LOOP_SET_FD, 3 [pid 5095] getdents64(3, [pid 5144] close(3 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5147 [pid 5147] set_robust_list(0x5555645e8660, 24 [pid 5146] <... mmap resumed>) = 0x7f6220e00000 [pid 5145] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5144] <... close resumed>) = 0 [pid 5143] <... ioctl resumed>) = 0 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5147] <... set_robust_list resumed>) = 0 [pid 5095] close(3) = 0 [pid 5147] chdir("./7" [pid 5095] rmdir("./6" [pid 5147] <... chdir resumed>) = 0 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5144] close(4 [pid 5143] close(3 [pid 5095] <... rmdir resumed>) = 0 [pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5144] <... close resumed>) = 0 [pid 5143] <... close resumed>) = 0 [pid 5095] mkdir("./7", 0777 [pid 5147] <... prctl resumed>) = 0 [pid 5144] mkdir("./bus", 0777 [pid 5143] close(4 [pid 5095] <... mkdir resumed>) = 0 [ 117.257608][ T5144] loop1: detected capacity change from 0 to 1024 [ 117.289058][ T5143] loop0: detected capacity change from 0 to 1024 [pid 5147] setpgid(0, 0 [pid 5146] <... write resumed>) = 524288 [pid 5144] <... mkdir resumed>) = 0 [pid 5143] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5147] <... setpgid resumed>) = 0 [pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5146] munmap(0x7f6220e00000, 138412032 [pid 5145] <... write resumed>) = 524288 [pid 5144] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5143] mkdir("./bus", 0777 [pid 5095] <... openat resumed>) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5147] <... openat resumed>) = 3 [pid 5145] munmap(0x7f6220e00000, 138412032) = 0 [pid 5143] <... mkdir resumed>) = 0 [pid 5146] <... munmap resumed>) = 0 [pid 5147] write(3, "1000", 4 [pid 5146] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5145] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5143] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5147] <... write resumed>) = 4 [pid 5147] close(3) = 0 [pid 5147] symlink("/dev/binderfs", "./binderfs" [pid 5145] <... openat resumed>) = 4 [pid 5147] <... symlink resumed>) = 0 [pid 5145] ioctl(4, LOOP_SET_FD, 3 [pid 5146] <... openat resumed>) = 4 [pid 5146] ioctl(4, LOOP_SET_FD, 3 [pid 5147] memfd_create("syzkaller", 0) = 3 [pid 5095] <... ioctl resumed>) = 0 [pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5146] <... ioctl resumed>) = 0 [pid 5145] <... ioctl resumed>) = 0 [pid 5144] <... mount resumed>) = 0 [pid 5095] close(3 [pid 5146] close(3 [pid 5144] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5146] <... close resumed>) = 0 [pid 5143] <... mount resumed>) = 0 [pid 5146] close(4 [pid 5145] close(3 [pid 5143] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5095] <... close resumed>) = 0 [pid 5146] <... close resumed>) = 0 [pid 5145] <... close resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5146] mkdir("./bus", 0777 [pid 5145] close(4 [pid 5143] <... openat resumed>) = 3 [pid 5146] <... mkdir resumed>) = 0 [pid 5145] <... close resumed>) = 0 [pid 5144] <... openat resumed>) = 3 [pid 5143] chdir("./bus" [pid 5145] mkdir("./bus", 0777 [pid 5144] chdir("./bus" [pid 5143] <... chdir resumed>) = 0 [pid 5145] <... mkdir resumed>) = 0 [pid 5144] <... chdir resumed>) = 0 [pid 5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5148 [pid 5143] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5144] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5143] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5144] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5145] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5144] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"./strace-static-x86_64: Process 5148 attached [pid 5148] set_robust_list(0x5555645e8660, 24) = 0 [pid 5148] chdir("./7") = 0 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5146] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5148] write(3, "1000", 4 [pid 5144] <... symlink resumed>) = 0 [pid 5143] <... symlink resumed>) = 0 [pid 5148] <... write resumed>) = 4 [pid 5148] close(3) = 0 [ 117.365314][ T5145] loop3: detected capacity change from 0 to 1024 [ 117.378221][ T5146] loop4: detected capacity change from 0 to 1024 [pid 5148] symlink("/dev/binderfs", "./binderfs" [pid 5144] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5143] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5148] <... symlink resumed>) = 0 [pid 5146] <... mount resumed>) = 0 [pid 5148] memfd_create("syzkaller", 0 [pid 5146] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5148] <... memfd_create resumed>) = 3 [pid 5147] <... write resumed>) = 524288 [pid 5146] <... openat resumed>) = 3 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5146] chdir("./bus" [pid 5148] <... mmap resumed>) = 0x7f6220e00000 [pid 5146] <... chdir resumed>) = 0 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5146] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5145] <... mount resumed>) = 0 [pid 5144] <... creat resumed>) = 4 [pid 5147] munmap(0x7f6220e00000, 138412032 [pid 5146] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5145] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5147] <... munmap resumed>) = 0 [pid 5145] <... openat resumed>) = 3 [pid 5144] rename("./bus", "./file2" [pid 5147] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5143] <... creat resumed>) = 4 [pid 5146] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5145] chdir("./bus" [pid 5147] <... openat resumed>) = 4 [pid 5145] <... chdir resumed>) = 0 [pid 5143] rename("./bus", "./file2" [pid 5145] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5145] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5147] ioctl(4, LOOP_SET_FD, 3 [pid 5144] <... rename resumed>) = -1 EEXIST (File exists) [pid 5146] <... symlink resumed>) = 0 [pid 5145] <... symlink resumed>) = 0 [pid 5146] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5145] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5147] <... ioctl resumed>) = 0 [pid 5144] memfd_create("syzkaller", 0) = 5 [pid 5143] <... rename resumed>) = -1 EEXIST (File exists) [pid 5147] close(3 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5143] memfd_create("syzkaller", 0 [pid 5147] <... close resumed>) = 0 [pid 5144] <... mmap resumed>) = 0x7f6220e00000 [pid 5143] <... memfd_create resumed>) = 5 [pid 5147] close(4 [pid 5148] <... write resumed>) = 524288 [pid 5147] <... close resumed>) = 0 [pid 5146] <... creat resumed>) = 4 [pid 5144] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5146] rename("./bus", "./file2" [pid 5143] <... mmap resumed>) = 0x7f6220e00000 [pid 5146] <... rename resumed>) = -1 EEXIST (File exists) [pid 5146] memfd_create("syzkaller", 0 [pid 5145] <... creat resumed>) = 4 [pid 5146] <... memfd_create resumed>) = 5 [pid 5145] rename("./bus", "./file2" [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5145] <... rename resumed>) = -1 EEXIST (File exists) [pid 5147] mkdir("./bus", 0777 [pid 5146] <... mmap resumed>) = 0x7f6220e00000 [pid 5145] memfd_create("syzkaller", 0 [pid 5147] <... mkdir resumed>) = 0 [pid 5145] <... memfd_create resumed>) = 5 [pid 5143] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5147] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5148] munmap(0x7f6220e00000, 138412032) = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop5", O_RDWR [ 117.458279][ T5147] loop2: detected capacity change from 0 to 1024 [pid 5146] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5148] <... openat resumed>) = 4 [pid 5145] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5148] ioctl(4, LOOP_SET_FD, 3 [pid 5145] <... write resumed>) = 524288 [pid 5143] <... write resumed>) = 524288 [pid 5144] <... write resumed>) = 524288 [pid 5144] munmap(0x7f6220e00000, 138412032) = 0 [pid 5147] <... mount resumed>) = 0 [pid 5147] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5146] <... write resumed>) = 524288 [pid 5148] <... ioctl resumed>) = 0 [pid 5147] <... openat resumed>) = 3 [pid 5145] munmap(0x7f6220e00000, 138412032 [pid 5144] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5143] munmap(0x7f6220e00000, 138412032 [pid 5147] chdir("./bus" [pid 5145] <... munmap resumed>) = 0 [pid 5144] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5143] <... munmap resumed>) = 0 [pid 5147] <... chdir resumed>) = 0 [pid 5144] close(5 [pid 5143] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5148] close(3 [pid 5146] munmap(0x7f6220e00000, 138412032 [pid 5145] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5143] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5148] <... close resumed>) = 0 [pid 5147] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5146] <... munmap resumed>) = 0 [pid 5145] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5148] close(4) = 0 [pid 5148] mkdir("./bus", 0777 [pid 5147] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5148] <... mkdir resumed>) = 0 [pid 5148] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5145] close(5 [pid 5143] close(5 [pid 5147] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5146] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5146] close(5) = 0 [pid 5144] <... close resumed>) = 0 [ 117.523176][ T5148] loop5: detected capacity change from 0 to 1024 [pid 5147] <... symlink resumed>) = 0 [pid 5148] <... mount resumed>) = 0 [pid 5148] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5147] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5145] <... close resumed>) = 0 [pid 5144] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5148] <... openat resumed>) = 3 [pid 5148] chdir("./bus") = 0 [pid 5148] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5145] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5143] <... close resumed>) = 0 [pid 5143] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5148] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5146] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5145] <... open resumed>) = 5 [pid 5148] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5147] <... creat resumed>) = 4 [pid 5144] <... open resumed>) = 5 [pid 5147] rename("./bus", "./file2" [pid 5145] ftruncate(5, 0 [pid 5144] ftruncate(5, 0 [pid 5145] <... ftruncate resumed>) = 0 [pid 5144] <... ftruncate resumed>) = 0 [pid 5148] <... symlink resumed>) = 0 [pid 5145] exit_group(0 [pid 5144] exit_group(0 [pid 5147] <... rename resumed>) = -1 EEXIST (File exists) [pid 5143] <... open resumed>) = 5 [pid 5145] <... exit_group resumed>) = ? [pid 5147] memfd_create("syzkaller", 0 [pid 5145] +++ exited with 0 +++ [pid 5144] <... exit_group resumed>) = ? [pid 5143] ftruncate(5, 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5148] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5147] <... memfd_create resumed>) = 5 [pid 5143] <... ftruncate resumed>) = 0 [pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5143] exit_group(0 [pid 5147] <... mmap resumed>) = 0x7f6220e00000 [pid 5143] <... exit_group resumed>) = ? [pid 5148] <... creat resumed>) = 4 [pid 5144] +++ exited with 0 +++ [pid 5143] +++ exited with 0 +++ [pid 5092] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [ 117.620223][ T28] audit: type=1800 audit(1713724087.958:44): pid=5145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop3" ino=20 res=0 errno=0 [pid 5148] rename("./bus", "./file2" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5092] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5148] <... rename resumed>) = -1 EEXIST (File exists) [pid 5148] memfd_create("syzkaller", 0) = 5 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5148] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5146] <... open resumed>) = 5 [pid 5092] <... openat resumed>) = 3 [pid 5092] newfstatat(3, "", [pid 5147] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] getdents64(3, [pid 5089] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5146] ftruncate(5, 0) = 0 [pid 5146] exit_group(0) = ? [pid 5148] munmap(0x7f6220e00000, 138412032 [pid 5146] +++ exited with 0 +++ [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5148] <... munmap resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5094] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] newfstatat(3, "", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] getdents64(3, [pid 5094] <... openat resumed>) = 3 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5148] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] newfstatat(3, "", [pid 5090] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 3 [pid 5148] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] newfstatat(3, "", [pid 5094] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5148] close(5 [pid 5094] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5147] <... write resumed>) = 524288 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5147] munmap(0x7f6220e00000, 138412032) = 0 [pid 5147] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [ 117.704595][ T28] audit: type=1800 audit(1713724087.958:45): pid=5144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop1" ino=20 res=0 errno=0 [pid 5147] close(5 [pid 5094] <... umount2 resumed>) = 0 [pid 5092] <... umount2 resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5147] <... close resumed>) = 0 [pid 5147] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5089] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./7/bus", [pid 5148] <... close resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5147] <... open resumed>) = 5 [pid 5089] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./7/bus" [pid 5092] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... rmdir resumed>) = 0 [pid 5089] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./7/bus", [pid 5090] newfstatat(AT_FDCWD, "./7/bus", [pid 5089] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5148] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5147] ftruncate(5, 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] unlink("./7/binderfs" [pid 5147] <... ftruncate resumed>) = 0 [pid 5094] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... unlink resumed>) = 0 [pid 5147] exit_group(0) = ? [pid 5089] getdents64(3, [pid 5147] +++ exited with 0 +++ [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] close(3 [pid 5094] newfstatat(AT_FDCWD, "./7/bus", [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... close resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5148] <... open resumed>) = 5 [pid 5092] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 4 [pid 5148] ftruncate(5, 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(4, "", [pid 5148] <... ftruncate resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5148] exit_group(0 [pid 5091] <... openat resumed>) = 3 [pid 5090] getdents64(4, [pid 5092] newfstatat(4, "", [pid 5148] <... exit_group resumed>) = ? [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] newfstatat(3, "", [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5094] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5090] getdents64(4, [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] rmdir("./7" [pid 5094] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5090] close(4 [pid 5092] getdents64(4, [pid 5094] <... openat resumed>) = 4 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] getdents64(3, [pid 5090] <... close resumed>) = 0 [pid 5092] close(4 [pid 5089] mkdir("./8", 0777 [pid 5094] newfstatat(4, "", [pid 5092] <... close resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] rmdir("./7/bus" [pid 5089] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] rmdir("./7/bus" [pid 5091] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... rmdir resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5148] +++ exited with 0 +++ [pid 5094] getdents64(4, [pid 5092] <... rmdir resumed>) = 0 [pid 5090] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] getdents64(4, [pid 5090] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] close(4 [ 117.810924][ T28] audit: type=1800 audit(1713724088.008:46): pid=5143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop0" ino=20 res=0 errno=0 [pid 5092] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5091] <... umount2 resumed>) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] unlink("./7/binderfs" [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... unlink resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] unlink("./7/binderfs" [pid 5091] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [ 117.867598][ T28] audit: type=1800 audit(1713724088.038:47): pid=5146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 117.889670][ T28] audit: type=1800 audit(1713724088.138:48): pid=5147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop2" ino=20 res=0 errno=0 [pid 5090] getdents64(3, [pid 5095] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] rmdir("./7/bus" [pid 5092] <... unlink resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5091] newfstatat(AT_FDCWD, "./7/bus", [pid 5090] close(3 [pid 5095] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5089] close(3 [pid 5095] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] close(3 [pid 5089] <... close resumed>) = 0 [pid 5095] newfstatat(3, "", [pid 5094] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5092] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] rmdir("./7" [pid 5095] getdents64(3, [pid 5094] unlink("./7/binderfs" [pid 5092] <... rmdir resumed>) = 0 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] <... unlink resumed>) = 0 [pid 5092] mkdir("./8", 0777 [pid 5095] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] getdents64(3, [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5149 attached [pid 5094] close(3 [pid 5149] set_robust_list(0x5555645e8660, 24 [pid 5094] <... close resumed>) = 0 [pid 5092] <... mkdir resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5149 [pid 5149] <... set_robust_list resumed>) = 0 [pid 5090] rmdir("./7" [pid 5149] chdir("./8" [pid 5094] rmdir("./7" [pid 5091] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... rmdir resumed>) = 0 [pid 5149] <... chdir resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] newfstatat(4, "", [pid 5092] <... openat resumed>) = 3 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] mkdir("./8", 0777 [pid 5090] mkdir("./8", 0777 [pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... umount2 resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] getdents64(4, [pid 5090] <... mkdir resumed>) = 0 [pid 5149] <... prctl resumed>) = 0 [pid 5149] setpgid(0, 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5149] <... setpgid resumed>) = 0 [pid 5091] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] close(4) = 0 [pid 5091] rmdir("./7/bus" [pid 5149] <... openat resumed>) = 3 [pid 5091] <... rmdir resumed>) = 0 [pid 5149] write(3, "1000", 4) = 4 [pid 5149] close(3) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5149] symlink("/dev/binderfs", "./binderfs" [pid 5095] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... openat resumed>) = 3 [pid 5091] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5149] <... symlink resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5149] memfd_create("syzkaller", 0 [pid 5095] newfstatat(AT_FDCWD, "./7/bus", [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5091] unlink("./7/binderfs" [pid 5149] <... memfd_create resumed>) = 3 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] <... unlink resumed>) = 0 [pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] umount2("./7/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5149] <... mmap resumed>) = 0x7f6220e00000 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] getdents64(3, [pid 5095] openat(AT_FDCWD, "./7/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [ 117.910955][ T28] audit: type=1800 audit(1713724088.178:49): pid=5148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop5" ino=20 res=0 errno=0 [pid 5091] close(3 [pid 5095] <... openat resumed>) = 4 [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./7" [pid 5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./7/bus" [pid 5091] <... rmdir resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5091] mkdir("./8", 0777 [pid 5095] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] unlink("./7/binderfs") = 0 [pid 5095] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5149] <... write resumed>) = 524288 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5095] close(3 [pid 5149] munmap(0x7f6220e00000, 138412032 [pid 5095] <... close resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] close(3) = 0 [pid 5149] <... munmap resumed>) = 0 [pid 5094] close(3 [pid 5092] close(3 [pid 5091] <... openat resumed>) = 3 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] rmdir("./7") = 0 [pid 5095] mkdir("./8", 0777./strace-static-x86_64: Process 5150 attached [pid 5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... mkdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5149] <... openat resumed>) = 4 [pid 5095] <... openat resumed>) = 3 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5150 [pid 5150] set_robust_list(0x5555645e8660, 24 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5150] <... set_robust_list resumed>) = 0 [pid 5150] chdir("./8" [pid 5149] ioctl(4, LOOP_SET_FD, 3 [pid 5150] <... chdir resumed>) = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5149] <... ioctl resumed>) = 0 [pid 5150] <... prctl resumed>) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5152 [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5151 [pid 5150] setpgid(0, 0./strace-static-x86_64: Process 5151 attached ./strace-static-x86_64: Process 5152 attached ) = 0 [pid 5149] close(3 [pid 5152] set_robust_list(0x5555645e8660, 24 [pid 5151] set_robust_list(0x5555645e8660, 24 [pid 5152] <... set_robust_list resumed>) = 0 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5149] <... close resumed>) = 0 [pid 5152] chdir("./8" [pid 5149] close(4) = 0 [pid 5151] <... set_robust_list resumed>) = 0 [pid 5151] chdir("./8" [pid 5152] <... chdir resumed>) = 0 [pid 5149] mkdir("./bus", 0777 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5151] <... chdir resumed>) = 0 [pid 5152] <... prctl resumed>) = 0 [pid 5152] setpgid(0, 0 [pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5151] setpgid(0, 0 [pid 5152] <... setpgid resumed>) = 0 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5149] <... mkdir resumed>) = 0 [pid 5151] <... setpgid resumed>) = 0 [pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5152] <... openat resumed>) = 3 [pid 5151] <... openat resumed>) = 3 [pid 5152] write(3, "1000", 4 [pid 5095] <... ioctl resumed>) = 0 [pid 5091] <... ioctl resumed>) = 0 [pid 5152] <... write resumed>) = 4 [pid 5152] close(3) = 0 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5151] write(3, "1000", 4 [pid 5150] <... openat resumed>) = 3 [pid 5149] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5151] <... write resumed>) = 4 [pid 5151] close(3) = 0 [pid 5151] symlink("/dev/binderfs", "./binderfs" [pid 5152] memfd_create("syzkaller", 0 [pid 5151] <... symlink resumed>) = 0 [pid 5151] memfd_create("syzkaller", 0 [pid 5152] <... memfd_create resumed>) = 3 [pid 5095] close(3 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5151] <... memfd_create resumed>) = 3 [pid 5150] write(3, "1000", 4 [pid 5095] <... close resumed>) = 0 [pid 5150] <... write resumed>) = 4 [pid 5150] close(3) = 0 [pid 5150] symlink("/dev/binderfs", "./binderfs" [pid 5152] <... mmap resumed>) = 0x7f6220e00000 [ 118.056007][ T5149] loop0: detected capacity change from 0 to 1024 [pid 5091] close(3 [pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5150] <... symlink resumed>) = 0 [pid 5091] <... close resumed>) = 0 [pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5151] <... mmap resumed>) = 0x7f6220e00000 [pid 5150] memfd_create("syzkaller", 0 [pid 5151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5150] <... memfd_create resumed>) = 3 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5149] <... mount resumed>) = 0 [pid 5149] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5149] <... openat resumed>) = 3 [pid 5149] chdir("./bus") = 0 ./strace-static-x86_64: Process 5153 attached [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5153 [pid 5150] <... mmap resumed>) = 0x7f6220e00000 [pid 5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5153] set_robust_list(0x5555645e8660, 24 [pid 5149] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5153] <... set_robust_list resumed>) = 0 [pid 5149] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5153] chdir("./8" [pid 5151] <... write resumed>) = 524288 [pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5149] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5154 attached [pid 5154] set_robust_list(0x5555645e8660, 24) = 0 [pid 5154] chdir("./8" [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5154 [pid 5153] <... chdir resumed>) = 0 [pid 5154] <... chdir resumed>) = 0 [pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5153] <... prctl resumed>) = 0 [pid 5154] <... prctl resumed>) = 0 [pid 5153] setpgid(0, 0 [pid 5154] setpgid(0, 0 [pid 5153] <... setpgid resumed>) = 0 [pid 5149] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5154] <... setpgid resumed>) = 0 [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5154] write(3, "1000", 4 [pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5152] <... write resumed>) = 524288 [pid 5154] <... write resumed>) = 4 [pid 5154] close(3) = 0 [pid 5154] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5153] <... openat resumed>) = 3 [pid 5154] memfd_create("syzkaller", 0) = 3 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5149] <... creat resumed>) = 4 [pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5153] write(3, "1000", 4 [pid 5152] munmap(0x7f6220e00000, 138412032 [pid 5149] rename("./bus", "./file2" [pid 5151] munmap(0x7f6220e00000, 138412032 [pid 5153] <... write resumed>) = 4 [pid 5151] <... munmap resumed>) = 0 [pid 5150] <... write resumed>) = 524288 [pid 5153] close(3 [pid 5150] munmap(0x7f6220e00000, 138412032) = 0 [pid 5153] <... close resumed>) = 0 [pid 5153] symlink("/dev/binderfs", "./binderfs" [pid 5149] <... rename resumed>) = -1 EEXIST (File exists) [pid 5150] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5152] <... munmap resumed>) = 0 [pid 5153] <... symlink resumed>) = 0 [pid 5151] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5150] <... openat resumed>) = 4 [pid 5150] ioctl(4, LOOP_SET_FD, 3 [pid 5151] ioctl(4, LOOP_SET_FD, 3 [pid 5153] memfd_create("syzkaller", 0 [pid 5152] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5150] <... ioctl resumed>) = 0 [pid 5149] memfd_create("syzkaller", 0 [pid 5152] <... openat resumed>) = 4 [pid 5149] <... memfd_create resumed>) = 5 [pid 5150] close(3) = 0 [pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5150] close(4 [pid 5152] ioctl(4, LOOP_SET_FD, 3 [pid 5150] <... close resumed>) = 0 [pid 5150] mkdir("./bus", 0777 [pid 5154] <... write resumed>) = 524288 [pid 5153] <... memfd_create resumed>) = 3 [pid 5150] <... mkdir resumed>) = 0 [pid 5149] <... mmap resumed>) = 0x7f6220e00000 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5150] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5149] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5153] <... mmap resumed>) = 0x7f6220e00000 [pid 5153] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5154] munmap(0x7f6220e00000, 138412032) = 0 [ 118.174515][ T5150] loop1: detected capacity change from 0 to 1024 [ 118.176853][ T5151] loop3: detected capacity change from 0 to 1024 [ 118.189611][ T5152] loop4: detected capacity change from 0 to 1024 [pid 5154] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5152] <... ioctl resumed>) = 0 [pid 5150] <... mount resumed>) = 0 [pid 5149] <... write resumed>) = 524288 [pid 5154] <... openat resumed>) = 4 [pid 5152] close(3 [pid 5150] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5152] <... close resumed>) = 0 [pid 5152] close(4 [pid 5154] ioctl(4, LOOP_SET_FD, 3 [pid 5152] <... close resumed>) = 0 [pid 5152] mkdir("./bus", 0777) = 0 [pid 5150] <... openat resumed>) = 3 [pid 5154] <... ioctl resumed>) = 0 [pid 5152] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5151] <... ioctl resumed>) = 0 [pid 5154] close(3 [pid 5151] close(3 [pid 5154] <... close resumed>) = 0 [pid 5151] <... close resumed>) = 0 [pid 5150] chdir("./bus" [pid 5154] close(4 [pid 5151] close(4 [pid 5154] <... close resumed>) = 0 [pid 5151] <... close resumed>) = 0 [pid 5150] <... chdir resumed>) = 0 [pid 5154] mkdir("./bus", 0777 [pid 5151] mkdir("./bus", 0777 [pid 5154] <... mkdir resumed>) = 0 [pid 5151] <... mkdir resumed>) = 0 [pid 5153] <... write resumed>) = 524288 [pid 5150] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5154] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5151] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5153] munmap(0x7f6220e00000, 138412032 [pid 5150] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5149] munmap(0x7f6220e00000, 138412032 [pid 5152] <... mount resumed>) = 0 [pid 5153] <... munmap resumed>) = 0 [pid 5152] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5150] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5149] <... munmap resumed>) = 0 [pid 5152] <... openat resumed>) = 3 [pid 5152] chdir("./bus") = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5153] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5152] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5153] <... openat resumed>) = 4 [ 118.228308][ T5154] loop5: detected capacity change from 0 to 1024 [pid 5153] ioctl(4, LOOP_SET_FD, 3 [pid 5149] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5154] <... mount resumed>) = 0 [pid 5151] <... mount resumed>) = 0 [pid 5154] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5151] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5154] chdir("./bus" [pid 5151] <... openat resumed>) = 3 [pid 5154] <... chdir resumed>) = 0 [pid 5151] chdir("./bus" [pid 5154] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5151] <... chdir resumed>) = 0 [pid 5149] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5154] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5151] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5150] <... symlink resumed>) = 0 [pid 5149] close(5 [pid 5151] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5151] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5150] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5154] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5152] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5154] <... symlink resumed>) = 0 [pid 5151] <... symlink resumed>) = 0 [pid 5154] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5151] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5152] <... symlink resumed>) = 0 [pid 5152] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5150] <... creat resumed>) = 4 [pid 5149] <... close resumed>) = 0 [pid 5154] <... creat resumed>) = 4 [pid 5149] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5150] rename("./bus", "./file2" [pid 5154] rename("./bus", "./file2" [pid 5151] <... creat resumed>) = 4 [pid 5150] <... rename resumed>) = -1 EEXIST (File exists) [pid 5151] rename("./bus", "./file2" [pid 5150] memfd_create("syzkaller", 0 [pid 5154] <... rename resumed>) = -1 EEXIST (File exists) [pid 5153] <... ioctl resumed>) = 0 [pid 5150] <... memfd_create resumed>) = 5 [ 118.283539][ T5153] loop2: detected capacity change from 0 to 1024 [pid 5154] memfd_create("syzkaller", 0) = 5 [pid 5153] close(3 [pid 5152] <... creat resumed>) = 4 [pid 5151] <... rename resumed>) = -1 EEXIST (File exists) [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5149] <... open resumed>) = 5 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5153] <... close resumed>) = 0 [pid 5150] <... mmap resumed>) = 0x7f6220e00000 [pid 5149] ftruncate(5, 0 [pid 5154] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5153] close(4 [pid 5149] <... ftruncate resumed>) = 0 [pid 5154] <... write resumed>) = 524288 [pid 5153] <... close resumed>) = 0 [pid 5150] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5149] exit_group(0 [pid 5153] mkdir("./bus", 0777 [pid 5149] <... exit_group resumed>) = ? [pid 5151] memfd_create("syzkaller", 0) = 5 [pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5152] rename("./bus", "./file2" [pid 5150] <... write resumed>) = 524288 [pid 5153] <... mkdir resumed>) = 0 [ 118.325593][ T28] audit: type=1800 audit(1713724088.668:50): pid=5149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop0" ino=20 res=0 errno=0 [pid 5149] +++ exited with 0 +++ [pid 5153] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5151] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5089] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5154] munmap(0x7f6220e00000, 138412032 [pid 5152] <... rename resumed>) = -1 EEXIST (File exists) [pid 5150] munmap(0x7f6220e00000, 138412032 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5154] <... munmap resumed>) = 0 [pid 5153] <... mount resumed>) = 0 [pid 5152] memfd_create("syzkaller", 0 [pid 5150] <... munmap resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5153] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5154] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5153] <... openat resumed>) = 3 [pid 5152] <... memfd_create resumed>) = 5 [pid 5150] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] <... openat resumed>) = 3 [pid 5153] chdir("./bus" [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5153] <... chdir resumed>) = 0 [pid 5154] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5153] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5152] <... mmap resumed>) = 0x7f6220e00000 [pid 5151] <... write resumed>) = 524288 [pid 5150] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5153] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5151] munmap(0x7f6220e00000, 138412032 [pid 5153] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5151] <... munmap resumed>) = 0 [pid 5150] close(5 [pid 5151] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5153] <... symlink resumed>) = 0 [pid 5151] close(5 [pid 5154] close(5 [pid 5153] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5152] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5150] <... close resumed>) = 0 [pid 5089] <... umount2 resumed>) = 0 [pid 5152] <... write resumed>) = 524288 [pid 5151] <... close resumed>) = 0 [pid 5150] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5089] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5153] <... creat resumed>) = 4 [pid 5150] <... open resumed>) = 5 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./8/bus", [pid 5153] rename("./bus", "./file2" [pid 5150] ftruncate(5, 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5150] <... ftruncate resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5153] <... rename resumed>) = -1 EEXIST (File exists) [pid 5151] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5150] exit_group(0 [pid 5089] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5153] memfd_create("syzkaller", 0 [pid 5154] <... close resumed>) = 0 [pid 5153] <... memfd_create resumed>) = 5 [pid 5089] <... openat resumed>) = 4 [pid 5150] <... exit_group resumed>) = ? [pid 5151] <... open resumed>) = 5 [pid 5151] ftruncate(5, 0) = 0 [pid 5154] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5152] munmap(0x7f6220e00000, 138412032 [pid 5150] +++ exited with 0 +++ [pid 5089] newfstatat(4, "", [pid 5151] exit_group(0 [pid 5152] <... munmap resumed>) = 0 [pid 5151] <... exit_group resumed>) = ? [pid 5152] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5152] close(5 [pid 5154] <... open resumed>) = 5 [pid 5153] <... mmap resumed>) = 0x7f6220e00000 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5089] getdents64(4, [pid 5090] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5154] ftruncate(5, 0) = 0 [pid 5153] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5151] +++ exited with 0 +++ [pid 5090] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5090] <... openat resumed>) = 3 [pid 5090] newfstatat(3, "", [pid 5089] getdents64(4, [pid 5152] <... close resumed>) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] close(4 [pid 5092] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] getdents64(3, [pid 5089] <... close resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] rmdir("./8/bus" [pid 5152] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5090] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5154] exit_group(0 [pid 5153] <... write resumed>) = 524288 [pid 5092] newfstatat(3, "", [pid 5089] <... rmdir resumed>) = 0 [pid 5154] <... exit_group resumed>) = ? [pid 5153] munmap(0x7f6220e00000, 138412032 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] getdents64(3, [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5092] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./8/binderfs") = 0 [pid 5153] <... munmap resumed>) = 0 [pid 5089] getdents64(3, [pid 5153] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5153] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] close(3) = 0 [pid 5089] rmdir("./8") = 0 [pid 5089] mkdir("./9", 0777) = 0 [pid 5153] close(5 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5154] +++ exited with 0 +++ [pid 5152] <... open resumed>) = 5 [pid 5090] <... umount2 resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5152] ftruncate(5, 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5095] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5152] <... ftruncate resumed>) = 0 [pid 5095] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 118.484136][ T28] audit: type=1800 audit(1713724088.818:51): pid=5150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 118.506934][ T28] audit: type=1800 audit(1713724088.828:52): pid=5151 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop3" ino=20 res=0 errno=0 [pid 5095] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5153] <... close resumed>) = 0 [pid 5152] exit_group(0 [pid 5092] <... umount2 resumed>) = 0 [pid 5090] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5153] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5152] <... exit_group resumed>) = ? [pid 5095] <... umount2 resumed>) = 0 [pid 5095] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(AT_FDCWD, "./8/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] close(4) = 0 [pid 5095] rmdir("./8/bus" [pid 5153] <... open resumed>) = 5 [pid 5152] +++ exited with 0 +++ [pid 5092] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] newfstatat(AT_FDCWD, "./8/bus", [pid 5153] ftruncate(5, 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] newfstatat(AT_FDCWD, "./8/bus", [pid 5090] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5153] <... ftruncate resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 4 [pid 5094] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] newfstatat(4, "", [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5092] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] getdents64(4, [pid 5153] exit_group(0 [pid 5095] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] newfstatat(3, "", [pid 5092] <... openat resumed>) = 4 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5153] <... exit_group resumed>) = ? [pid 5090] getdents64(4, [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] newfstatat(4, "", [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./8/bus" [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5092] getdents64(4, [pid 5090] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5153] +++ exited with 0 +++ [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] getdents64(3, [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] close(4 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5094] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... close resumed>) = 0 [pid 5091] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] rmdir("./8/bus" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] unlink("./8/binderfs" [pid 5095] unlink("./8/binderfs" [pid 5092] <... rmdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... unlink resumed>) = 0 [pid 5092] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 3 [pid 5090] <... unlink resumed>) = 0 [pid 5095] getdents64(3, [pid 5091] newfstatat(3, "", [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] close(3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] getdents64(3, [pid 5095] <... close resumed>) = 0 [pid 5092] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] getdents64(3, [pid 5095] rmdir("./8" [pid 5091] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] mkdir("./9", 0777 [pid 5090] close(3 [pid 5095] <... mkdir resumed>) = 0 [pid 5092] unlink("./8/binderfs" [pid 5090] <... close resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5090] rmdir("./8" [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5090] <... rmdir resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5092] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] rmdir("./8") = 0 [pid 5090] mkdir("./9", 0777 [pid 5094] <... umount2 resumed>) = 0 [pid 5092] mkdir("./9", 0777 [pid 5094] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... mkdir resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5094] newfstatat(AT_FDCWD, "./8/bus", [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] <... umount2 resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5094] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] close(4) = 0 [pid 5094] rmdir("./8/bus") = 0 [pid 5089] close(3 [pid 5094] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] unlink("./8/binderfs") = 0 [pid 5094] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] close(3) = 0 [pid 5094] rmdir("./8" [pid 5092] <... openat resumed>) = 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5155 [pid 5094] mkdir("./9", 0777./strace-static-x86_64: Process 5155 attached ) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5091] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5155] set_robust_list(0x5555645e8660, 24 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5155] <... set_robust_list resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] newfstatat(AT_FDCWD, "./8/bus", [pid 5155] chdir("./9" [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5155] <... chdir resumed>) = 0 [pid 5095] <... ioctl resumed>) = 0 [pid 5155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5155] setpgid(0, 0 [pid 5094] <... openat resumed>) = 3 [pid 5091] umount2("./8/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5155] <... setpgid resumed>) = 0 [pid 5095] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./8/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] <... close resumed>) = 0 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5091] <... openat resumed>) = 4 [pid 5091] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] getdents64(4, [pid 5092] <... ioctl resumed>) = 0 [pid 5155] <... openat resumed>) = 3 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] close(4) = 0 [pid 5091] rmdir("./8/bus") = 0 [pid 5091] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] unlink("./8/binderfs") = 0 [pid 5091] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./8") = 0 [pid 5091] mkdir("./9", 0777) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5155] write(3, "1000", 4 [pid 5092] close(3 [pid 5155] <... write resumed>) = 4 [pid 5090] close(3 [pid 5155] close(3 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5156 [pid 5092] <... close resumed>) = 0 [pid 5155] <... close resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5155] symlink("/dev/binderfs", "./binderfs" [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5156 attached [pid 5156] set_robust_list(0x5555645e8660, 24) = 0 [pid 5156] chdir("./9" [pid 5091] <... openat resumed>) = 3 [pid 5156] <... chdir resumed>) = 0 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5156] setpgid(0, 0 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5156] <... setpgid resumed>) = 0 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 5158 attached ./strace-static-x86_64: Process 5157 attached [pid 5155] <... symlink resumed>) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5157 [pid 5158] set_robust_list(0x5555645e8660, 24 [pid 5157] set_robust_list(0x5555645e8660, 24 [pid 5156] write(3, "1000", 4 [pid 5155] memfd_create("syzkaller", 0 [pid 5158] <... set_robust_list resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5158 [pid 5157] <... set_robust_list resumed>) = 0 [pid 5156] <... write resumed>) = 4 [pid 5158] chdir("./9" [pid 5157] chdir("./9" [pid 5156] close(3 [pid 5155] <... memfd_create resumed>) = 3 [pid 5158] <... chdir resumed>) = 0 [pid 5156] <... close resumed>) = 0 [pid 5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5157] <... chdir resumed>) = 0 [pid 5158] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5157] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5156] symlink("/dev/binderfs", "./binderfs" [pid 5155] <... mmap resumed>) = 0x7f6220e00000 [pid 5158] <... prctl resumed>) = 0 [pid 5157] <... prctl resumed>) = 0 [pid 5156] <... symlink resumed>) = 0 [pid 5158] setpgid(0, 0 [pid 5157] setpgid(0, 0 [pid 5156] memfd_create("syzkaller", 0 [pid 5158] <... setpgid resumed>) = 0 [pid 5157] <... setpgid resumed>) = 0 [pid 5156] <... memfd_create resumed>) = 3 [pid 5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5094] close(3 [pid 5158] <... openat resumed>) = 3 [pid 5157] <... openat resumed>) = 3 [pid 5158] write(3, "1000", 4 [pid 5157] write(3, "1000", 4 [pid 5158] <... write resumed>) = 4 [pid 5157] <... write resumed>) = 4 [pid 5158] close(3 [pid 5157] close(3 [pid 5158] <... close resumed>) = 0 [pid 5157] <... close resumed>) = 0 [pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5155] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5094] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5157] symlink("/dev/binderfs", "./binderfs" [pid 5158] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... ioctl resumed>) = 0 [pid 5158] <... symlink resumed>) = 0 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5159 ./strace-static-x86_64: Process 5159 attached [pid 5159] set_robust_list(0x5555645e8660, 24) = 0 [pid 5159] chdir("./9") = 0 [pid 5159] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5159] setpgid(0, 0) = 0 [pid 5158] memfd_create("syzkaller", 0 [pid 5157] <... symlink resumed>) = 0 [pid 5155] <... write resumed>) = 524288 [pid 5159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5158] <... memfd_create resumed>) = 3 [pid 5157] memfd_create("syzkaller", 0 [pid 5159] <... openat resumed>) = 3 [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5157] <... memfd_create resumed>) = 3 [pid 5158] <... mmap resumed>) = 0x7f6220e00000 [pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5159] write(3, "1000", 4 [pid 5157] <... mmap resumed>) = 0x7f6220e00000 [pid 5091] close(3 [pid 5156] <... write resumed>) = 524288 [pid 5159] <... write resumed>) = 4 [pid 5091] <... close resumed>) = 0 [pid 5159] close(3 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5159] <... close resumed>) = 0 [pid 5157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5156] munmap(0x7f6220e00000, 138412032 [pid 5159] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5156] <... munmap resumed>) = 0 [pid 5159] memfd_create("syzkaller", 0) = 3 [pid 5159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5156] openat(AT_FDCWD, "/dev/loop5", O_RDWR./strace-static-x86_64: Process 5160 attached [pid 5159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5157] <... write resumed>) = 524288 [pid 5156] <... openat resumed>) = 4 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5160 [pid 5155] munmap(0x7f6220e00000, 138412032) = 0 [pid 5160] set_robust_list(0x5555645e8660, 24 [pid 5156] ioctl(4, LOOP_SET_FD, 3 [pid 5159] <... write resumed>) = 524288 [pid 5160] <... set_robust_list resumed>) = 0 [pid 5158] <... write resumed>) = 524288 [pid 5157] munmap(0x7f6220e00000, 138412032 [pid 5156] <... ioctl resumed>) = 0 [pid 5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5159] munmap(0x7f6220e00000, 138412032 [pid 5158] munmap(0x7f6220e00000, 138412032 [pid 5156] close(3 [pid 5160] chdir("./9" [pid 5155] <... openat resumed>) = 4 [pid 5156] <... close resumed>) = 0 [pid 5156] close(4) = 0 [pid 5159] <... munmap resumed>) = 0 [pid 5156] mkdir("./bus", 0777 [pid 5160] <... chdir resumed>) = 0 [pid 5155] ioctl(4, LOOP_SET_FD, 3 [pid 5157] <... munmap resumed>) = 0 [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5158] <... munmap resumed>) = 0 [pid 5160] <... prctl resumed>) = 0 [pid 5159] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5158] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5157] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5156] <... mkdir resumed>) = 0 [pid 5155] <... ioctl resumed>) = 0 [ 118.824137][ T5156] loop5: detected capacity change from 0 to 1024 [ 118.857496][ T5155] loop0: detected capacity change from 0 to 1024 [pid 5160] setpgid(0, 0 [pid 5159] <... openat resumed>) = 4 [pid 5158] <... openat resumed>) = 4 [pid 5157] <... openat resumed>) = 4 [pid 5156] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5159] ioctl(4, LOOP_SET_FD, 3 [pid 5158] ioctl(4, LOOP_SET_FD, 3 [pid 5160] <... setpgid resumed>) = 0 [pid 5157] ioctl(4, LOOP_SET_FD, 3 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5160] write(3, "1000", 4) = 4 [pid 5160] close(3) = 0 [pid 5160] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5160] memfd_create("syzkaller", 0 [pid 5156] <... mount resumed>) = 0 [pid 5160] <... memfd_create resumed>) = 3 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5156] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5157] <... ioctl resumed>) = 0 [pid 5157] close(3) = 0 [pid 5157] close(4) = 0 [pid 5155] close(3) = 0 [pid 5157] mkdir("./bus", 0777) = 0 [pid 5157] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5155] close(4) = 0 [pid 5155] mkdir("./bus", 0777) = 0 [pid 5155] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5156] <... openat resumed>) = 3 [pid 5156] chdir("./bus") = 0 [pid 5159] <... ioctl resumed>) = 0 [pid 5156] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5159] close(3 [pid 5156] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5159] <... close resumed>) = 0 [pid 5156] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5159] close(4) = 0 [pid 5157] <... mount resumed>) = 0 [pid 5159] mkdir("./bus", 0777 [pid 5157] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5157] chdir("./bus") = 0 [pid 5159] <... mkdir resumed>) = 0 [pid 5159] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5157] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5155] <... mount resumed>) = 0 [pid 5155] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5155] chdir("./bus") = 0 [pid 5157] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [ 118.877490][ T5159] loop4: detected capacity change from 0 to 1024 [ 118.877687][ T5158] loop3: detected capacity change from 0 to 1024 [ 118.891568][ T5157] loop1: detected capacity change from 0 to 1024 [pid 5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5155] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5157] <... symlink resumed>) = 0 [pid 5156] <... symlink resumed>) = 0 [pid 5155] <... symlink resumed>) = 0 [pid 5157] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5155] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5158] <... ioctl resumed>) = 0 [pid 5156] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5158] close(3) = 0 [pid 5158] close(4) = 0 [pid 5158] mkdir("./bus", 0777 [pid 5157] <... creat resumed>) = 4 [pid 5155] <... creat resumed>) = 4 [pid 5158] <... mkdir resumed>) = 0 [pid 5157] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5158] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5157] memfd_create("syzkaller", 0 [pid 5155] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5160] <... write resumed>) = 524288 [pid 5159] <... mount resumed>) = 0 [pid 5157] <... memfd_create resumed>) = 5 [pid 5156] <... creat resumed>) = 4 [pid 5158] <... mount resumed>) = 0 [pid 5158] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5158] <... openat resumed>) = 3 [pid 5155] memfd_create("syzkaller", 0 [pid 5160] munmap(0x7f6220e00000, 138412032 [pid 5158] chdir("./bus" [pid 5157] <... mmap resumed>) = 0x7f6220e00000 [pid 5155] <... memfd_create resumed>) = 5 [pid 5160] <... munmap resumed>) = 0 [pid 5159] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5158] <... chdir resumed>) = 0 [pid 5157] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5156] rename("./bus", "./file2" [pid 5159] <... openat resumed>) = 3 [pid 5158] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5156] <... rename resumed>) = -1 EEXIST (File exists) [pid 5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5155] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5160] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5158] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5156] memfd_create("syzkaller", 0 [pid 5159] chdir("./bus" [pid 5160] <... openat resumed>) = 4 [pid 5159] <... chdir resumed>) = 0 [pid 5158] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5156] <... memfd_create resumed>) = 5 [pid 5159] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5159] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5160] ioctl(4, LOOP_SET_FD, 3 [pid 5158] <... symlink resumed>) = 0 [pid 5156] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5158] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5160] <... ioctl resumed>) = 0 [pid 5159] <... symlink resumed>) = 0 [pid 5156] <... write resumed>) = 524288 [pid 5155] <... write resumed>) = 524288 [pid 5155] munmap(0x7f6220e00000, 138412032 [pid 5160] close(3 [pid 5159] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5155] <... munmap resumed>) = 0 [pid 5160] <... close resumed>) = 0 [pid 5159] <... creat resumed>) = 4 [pid 5158] <... creat resumed>) = 4 [pid 5157] <... write resumed>) = 524288 [pid 5156] munmap(0x7f6220e00000, 138412032 [pid 5155] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5160] close(4 [pid 5159] rename("./bus", "./file2" [pid 5158] rename("./bus", "./file2" [pid 5155] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5160] <... close resumed>) = 0 [pid 5159] <... rename resumed>) = -1 EEXIST (File exists) [pid 5158] <... rename resumed>) = -1 EEXIST (File exists) [pid 5157] munmap(0x7f6220e00000, 138412032 [pid 5156] <... munmap resumed>) = 0 [pid 5155] close(5 [pid 5160] mkdir("./bus", 0777 [pid 5159] memfd_create("syzkaller", 0 [pid 5158] memfd_create("syzkaller", 0 [pid 5157] <... munmap resumed>) = 0 [pid 5156] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5155] <... close resumed>) = 0 [pid 5159] <... memfd_create resumed>) = 5 [pid 5158] <... memfd_create resumed>) = 5 [pid 5156] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5160] <... mkdir resumed>) = 0 [pid 5159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5156] close(5 [pid 5159] <... mmap resumed>) = 0x7f6220e00000 [pid 5158] <... mmap resumed>) = 0x7f6220e00000 [pid 5157] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5160] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5159] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5156] <... close resumed>) = 0 [pid 5158] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5157] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 118.994317][ T5160] loop2: detected capacity change from 0 to 1024 [pid 5158] <... write resumed>) = 524288 [pid 5157] close(5 [pid 5159] <... write resumed>) = 524288 [pid 5156] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5155] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5158] munmap(0x7f6220e00000, 138412032 [pid 5160] <... mount resumed>) = 0 [pid 5158] <... munmap resumed>) = 0 [pid 5156] <... open resumed>) = 5 [pid 5155] <... open resumed>) = 5 [pid 5160] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5155] ftruncate(5, 0 [pid 5160] <... openat resumed>) = 3 [pid 5155] <... ftruncate resumed>) = 0 [pid 5160] chdir("./bus" [pid 5158] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5155] exit_group(0 [pid 5160] <... chdir resumed>) = 0 [pid 5158] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5156] ftruncate(5, 0 [pid 5155] <... exit_group resumed>) = ? [pid 5160] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5159] munmap(0x7f6220e00000, 138412032 [pid 5158] close(5 [pid 5156] <... ftruncate resumed>) = 0 [pid 5160] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5158] <... close resumed>) = 0 [pid 5159] <... munmap resumed>) = 0 [pid 5156] exit_group(0) = ? [pid 5160] <... symlink resumed>) = 0 [pid 5157] <... close resumed>) = 0 [pid 5156] +++ exited with 0 +++ [pid 5160] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5159] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5155] +++ exited with 0 +++ [pid 5095] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5159] close(5 [pid 5095] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5160] <... creat resumed>) = 4 [pid 5159] <... close resumed>) = 0 [pid 5157] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] <... openat resumed>) = 3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5158] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 5095] newfstatat(3, "", [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5160] rename("./bus", "./file2" [pid 5158] <... open resumed>) = 5 [pid 5095] getdents64(3, [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5158] ftruncate(5, 0) = 0 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5159] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5158] exit_group(0 [pid 5160] <... rename resumed>) = -1 EEXIST (File exists) [pid 5158] <... exit_group resumed>) = ? [pid 5157] <... open resumed>) = 5 [pid 5095] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = 0 [pid 5158] +++ exited with 0 +++ [pid 5160] memfd_create("syzkaller", 0 [pid 5157] ftruncate(5, 0 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5092] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5160] <... memfd_create resumed>) = 5 [pid 5092] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5157] <... ftruncate resumed>) = 0 [pid 5092] getdents64(3, [pid 5089] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5160] <... mmap resumed>) = 0x7f6220e00000 [pid 5157] exit_group(0 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] newfstatat(AT_FDCWD, "./9/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5157] <... exit_group resumed>) = ? [pid 5089] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5159] <... open resumed>) = 5 [pid 5089] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5160] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5159] ftruncate(5, 0 [pid 5089] close(4 [pid 5159] <... ftruncate resumed>) = 0 [pid 5157] +++ exited with 0 +++ [pid 5092] <... umount2 resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5159] exit_group(0 [pid 5095] <... umount2 resumed>) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5089] rmdir("./9/bus" [pid 5159] <... exit_group resumed>) = ? [pid 5159] +++ exited with 0 +++ [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5089] <... rmdir resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5159, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5092] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./9/bus", [pid 5095] newfstatat(AT_FDCWD, "./9/bus", [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5160] <... write resumed>) = 524288 [pid 5094] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... openat resumed>) = 4 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5089] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] newfstatat(4, "", [pid 5095] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] <... openat resumed>) = 3 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5094] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(4, "", [pid 5094] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5089] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5160] munmap(0x7f6220e00000, 138412032 [pid 5095] getdents64(4, [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] unlink("./9/binderfs" [pid 5160] <... munmap resumed>) = 0 [pid 5095] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] close(4 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] <... close resumed>) = 0 [pid 5092] close(4 [pid 5095] rmdir("./9/bus" [pid 5092] <... close resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] rmdir("./9/bus") = 0 [pid 5095] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5092] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] unlink("./9/binderfs" [pid 5092] unlink("./9/binderfs" [pid 5095] <... unlink resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5095] getdents64(3, [pid 5092] getdents64(3, [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] close(3 [pid 5092] close(3 [pid 5095] <... close resumed>) = 0 [pid 5160] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5092] <... close resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... unlink resumed>) = 0 [pid 5095] rmdir("./9") = 0 [pid 5095] mkdir("./10", 0777 [pid 5094] <... umount2 resumed>) = 0 [pid 5089] getdents64(3, [pid 5160] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... mkdir resumed>) = 0 [pid 5094] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... openat resumed>) = 3 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5160] close(5 [pid 5090] newfstatat(3, "", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] close(3 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] rmdir("./9" [pid 5095] <... openat resumed>) = 3 [pid 5092] <... rmdir resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5092] mkdir("./10", 0777) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] newfstatat(AT_FDCWD, "./9/bus", [pid 5092] <... openat resumed>) = 3 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... close resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5160] <... close resumed>) = 0 [pid 5094] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... ioctl resumed>) = 0 [pid 5090] getdents64(3, [pid 5089] rmdir("./9" [pid 5160] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] close(3) = 0 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... rmdir resumed>) = 0 [pid 5160] <... open resumed>) = 5 [pid 5089] mkdir("./10", 0777 [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5161 ./strace-static-x86_64: Process 5161 attached [pid 5160] ftruncate(5, 0 [pid 5094] <... openat resumed>) = 4 [pid 5089] <... mkdir resumed>) = 0 [pid 5160] <... ftruncate resumed>) = 0 [pid 5094] newfstatat(4, "", [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5160] exit_group(0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5161] set_robust_list(0x5555645e8660, 24 [pid 5160] <... exit_group resumed>) = ? [pid 5094] getdents64(4, [pid 5089] <... openat resumed>) = 3 [pid 5161] <... set_robust_list resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5161] chdir("./10" [pid 5160] +++ exited with 0 +++ [pid 5095] <... ioctl resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5161] <... chdir resumed>) = 0 [pid 5094] getdents64(4, [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5161] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] close(4 [pid 5091] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5161] <... prctl resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5161] setpgid(0, 0 [pid 5094] rmdir("./9/bus" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... setpgid resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5091] newfstatat(3, "", [pid 5094] <... rmdir resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] getdents64(3, [pid 5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5091] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5161] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5161] write(3, "1000", 4 [pid 5095] close(3) = 0 [pid 5094] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5161] <... write resumed>) = 4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] close(3 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] newfstatat(AT_FDCWD, "./9/bus", [pid 5161] <... close resumed>) = 0 [pid 5094] unlink("./9/binderfs" [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5161] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... unlink resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5090] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5161] <... symlink resumed>) = 0 [pid 5094] getdents64(3, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] memfd_create("syzkaller", 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5161] <... memfd_create resumed>) = 3 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5162 [pid 5094] close(3 [pid 5090] <... openat resumed>) = 4 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5091] newfstatat(AT_FDCWD, "./9/bus", [pid 5090] newfstatat(4, "", [pid 5094] rmdir("./9" [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5091] umount2("./9/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] getdents64(4, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5162 attached [pid 5161] <... mmap resumed>) = 0x7f6220e00000 [pid 5094] mkdir("./10", 0777 [pid 5091] openat(AT_FDCWD, "./9/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5162] set_robust_list(0x5555645e8660, 24 [pid 5091] <... openat resumed>) = 4 [pid 5090] getdents64(4, [pid 5162] <... set_robust_list resumed>) = 0 [pid 5091] newfstatat(4, "", [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5162] chdir("./10" [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] close(4 [pid 5162] <... chdir resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] rmdir("./9/bus" [pid 5162] <... prctl resumed>) = 0 [pid 5162] setpgid(0, 0) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5162] write(3, "1000", 4) = 4 [pid 5162] close(3) = 0 [pid 5162] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5094] <... mkdir resumed>) = 0 [pid 5091] getdents64(4, [pid 5090] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5162] memfd_create("syzkaller", 0 [pid 5094] <... openat resumed>) = 3 [pid 5091] getdents64(4, [pid 5090] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5162] <... memfd_create resumed>) = 3 [pid 5091] <... close resumed>) = 0 [pid 5090] unlink("./9/binderfs" [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] rmdir("./9/bus" [pid 5162] <... mmap resumed>) = 0x7f6220e00000 [pid 5090] <... unlink resumed>) = 0 [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5091] <... rmdir resumed>) = 0 [pid 5090] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5161] <... write resumed>) = 524288 [pid 5091] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] close(3 [pid 5089] <... ioctl resumed>) = 0 [pid 5162] <... write resumed>) = 524288 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5089] close(3 [pid 5162] munmap(0x7f6220e00000, 138412032 [pid 5161] munmap(0x7f6220e00000, 138412032 [pid 5090] rmdir("./9" [pid 5162] <... munmap resumed>) = 0 [pid 5091] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5089] <... close resumed>) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5162] ioctl(4, LOOP_SET_FD, 3 [pid 5161] <... munmap resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5091] unlink("./9/binderfs" [pid 5090] <... rmdir resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... unlink resumed>) = 0 [pid 5091] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5090] mkdir("./10", 0777 [pid 5091] rmdir("./9") = 0 [pid 5091] mkdir("./10", 0777) = 0 [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5091] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5163 attached [pid 5161] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] close(3 [pid 5090] <... mkdir resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5163 [pid 5163] set_robust_list(0x5555645e8660, 24 [pid 5094] <... close resumed>) = 0 [pid 5163] <... set_robust_list resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5161] <... openat resumed>) = 4 [pid 5162] <... ioctl resumed>) = 0 [pid 5162] close(3) = 0 [pid 5162] close(4) = 0 [pid 5163] chdir("./10" [pid 5162] mkdir("./bus", 0777 [pid 5161] ioctl(4, LOOP_SET_FD, 3 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5164 attached [pid 5163] <... chdir resumed>) = 0 [pid 5162] <... mkdir resumed>) = 0 [pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5162] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5164 [pid 5164] set_robust_list(0x5555645e8660, 24 [pid 5163] <... prctl resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5164] <... set_robust_list resumed>) = 0 [pid 5163] setpgid(0, 0 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5164] chdir("./10" [pid 5163] <... setpgid resumed>) = 0 [pid 5164] <... chdir resumed>) = 0 [pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5161] <... ioctl resumed>) = 0 [pid 5164] <... prctl resumed>) = 0 [pid 5163] <... openat resumed>) = 3 [pid 5161] close(3 [pid 5163] write(3, "1000", 4 [pid 5164] setpgid(0, 0 [pid 5161] <... close resumed>) = 0 [pid 5164] <... setpgid resumed>) = 0 [pid 5163] <... write resumed>) = 4 [pid 5161] close(4 [pid 5163] close(3 [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5163] <... close resumed>) = 0 [pid 5161] <... close resumed>) = 0 [pid 5163] symlink("/dev/binderfs", "./binderfs" [pid 5161] mkdir("./bus", 0777 [pid 5163] <... symlink resumed>) = 0 [pid 5161] <... mkdir resumed>) = 0 [pid 5164] <... openat resumed>) = 3 [pid 5163] memfd_create("syzkaller", 0 [pid 5164] write(3, "1000", 4 [pid 5162] <... mount resumed>) = 0 [pid 5161] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5162] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5164] <... write resumed>) = 4 [pid 5163] <... memfd_create resumed>) = 3 [pid 5162] <... openat resumed>) = 3 [pid 5162] chdir("./bus" [pid 5164] close(3 [pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5162] <... chdir resumed>) = 0 [pid 5164] <... close resumed>) = 0 [pid 5163] <... mmap resumed>) = 0x7f6220e00000 [pid 5162] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5164] symlink("/dev/binderfs", "./binderfs" [pid 5162] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5162] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5164] <... symlink resumed>) = 0 [pid 5163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5162] <... symlink resumed>) = 0 [ 119.338161][ T5162] loop5: detected capacity change from 0 to 1024 [ 119.370260][ T5161] loop3: detected capacity change from 0 to 1024 [pid 5162] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5164] memfd_create("syzkaller", 0) = 3 [pid 5162] <... creat resumed>) = 4 [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5162] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5163] <... write resumed>) = 524288 [pid 5161] <... mount resumed>) = 0 [pid 5091] <... ioctl resumed>) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5162] memfd_create("syzkaller", 0 [pid 5163] munmap(0x7f6220e00000, 138412032 [pid 5162] <... memfd_create resumed>) = 5 [pid 5161] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5091] close(3 [pid 5163] <... munmap resumed>) = 0 [pid 5161] <... openat resumed>) = 3 [pid 5091] <... close resumed>) = 0 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5162] <... mmap resumed>) = 0x7f6220e00000 [pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5161] chdir("./bus" [pid 5090] close(3) = 0 ./strace-static-x86_64: Process 5165 attached [pid 5164] <... write resumed>) = 524288 [pid 5163] <... openat resumed>) = 4 [pid 5162] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5161] <... chdir resumed>) = 0 [pid 5165] set_robust_list(0x5555645e8660, 24 [pid 5163] ioctl(4, LOOP_SET_FD, 3 [pid 5161] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5165 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5165] <... set_robust_list resumed>) = 0 [pid 5163] <... ioctl resumed>) = 0 [pid 5161] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5165] chdir("./10" [pid 5164] munmap(0x7f6220e00000, 138412032 [pid 5161] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5164] <... munmap resumed>) = 0 [pid 5165] <... chdir resumed>) = 0 [pid 5161] <... symlink resumed>) = 0 [pid 5165] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5161] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5165] <... prctl resumed>) = 0 [pid 5165] setpgid(0, 0) = 0 [pid 5165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5164] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5166 [pid 5164] <... openat resumed>) = 4 [pid 5164] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5166 attached ) = 0 [pid 5166] set_robust_list(0x5555645e8660, 24 [pid 5165] <... openat resumed>) = 3 [pid 5166] <... set_robust_list resumed>) = 0 [pid 5161] <... creat resumed>) = 4 [pid 5165] write(3, "1000", 4 [pid 5161] rename("./bus", "./file2" [pid 5166] chdir("./10" [pid 5165] <... write resumed>) = 4 [pid 5162] <... write resumed>) = 524288 [pid 5161] <... rename resumed>) = -1 EEXIST (File exists) [pid 5165] close(3 [pid 5161] memfd_create("syzkaller", 0 [pid 5165] <... close resumed>) = 0 [pid 5161] <... memfd_create resumed>) = 5 [pid 5165] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5165] memfd_create("syzkaller", 0 [pid 5163] close(3 [pid 5162] munmap(0x7f6220e00000, 138412032 [pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5163] <... close resumed>) = 0 [pid 5162] <... munmap resumed>) = 0 [pid 5161] <... mmap resumed>) = 0x7f6220e00000 [pid 5166] <... chdir resumed>) = 0 [pid 5163] close(4 [pid 5161] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5163] <... close resumed>) = 0 [pid 5166] setpgid(0, 0 [pid 5165] <... memfd_create resumed>) = 3 [pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5163] mkdir("./bus", 0777 [pid 5162] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5166] <... setpgid resumed>) = 0 [pid 5163] <... mkdir resumed>) = 0 [pid 5162] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5165] <... mmap resumed>) = 0x7f6220e00000 [pid 5162] close(5 [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5164] close(3 [pid 5162] <... close resumed>) = 0 [pid 5166] write(3, "1000", 4 [pid 5165] <... write resumed>) = 524288 [pid 5164] <... close resumed>) = 0 [pid 5163] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5162] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5161] <... write resumed>) = 524288 [pid 5166] <... write resumed>) = 4 [pid 5164] close(4) = 0 [ 119.467583][ T5163] loop0: detected capacity change from 0 to 1024 [ 119.487900][ T5164] loop4: detected capacity change from 0 to 1024 [pid 5166] close(3 [pid 5164] mkdir("./bus", 0777 [pid 5166] <... close resumed>) = 0 [pid 5166] symlink("/dev/binderfs", "./binderfs" [pid 5164] <... mkdir resumed>) = 0 [pid 5163] <... mount resumed>) = 0 [pid 5161] munmap(0x7f6220e00000, 138412032 [pid 5163] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5161] <... munmap resumed>) = 0 [pid 5163] <... openat resumed>) = 3 [pid 5166] <... symlink resumed>) = 0 [pid 5164] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5163] chdir("./bus") = 0 [pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5163] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5166] memfd_create("syzkaller", 0) = 3 [pid 5162] <... open resumed>) = 5 [pid 5161] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5161] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5161] close(5 [pid 5165] munmap(0x7f6220e00000, 138412032 [pid 5163] <... symlink resumed>) = 0 [pid 5162] ftruncate(5, 0 [pid 5166] <... mmap resumed>) = 0x7f6220e00000 [pid 5165] <... munmap resumed>) = 0 [pid 5163] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5162] <... ftruncate resumed>) = 0 [pid 5162] exit_group(0) = ? [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5162] +++ exited with 0 +++ [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5095] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5165] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5163] <... creat resumed>) = 4 [pid 5165] <... openat resumed>) = 4 [pid 5163] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5165] ioctl(4, LOOP_SET_FD, 3 [pid 5163] memfd_create("syzkaller", 0 [pid 5161] <... close resumed>) = 0 [pid 5166] <... write resumed>) = 524288 [pid 5161] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5166] munmap(0x7f6220e00000, 138412032 [pid 5164] <... mount resumed>) = 0 [pid 5166] <... munmap resumed>) = 0 [pid 5164] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5163] <... memfd_create resumed>) = 5 [pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5161] <... open resumed>) = 5 [pid 5164] <... openat resumed>) = 3 [pid 5163] <... mmap resumed>) = 0x7f6220e00000 [pid 5161] ftruncate(5, 0 [pid 5166] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5164] chdir("./bus" [pid 5163] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5161] <... ftruncate resumed>) = 0 [pid 5164] <... chdir resumed>) = 0 [pid 5164] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5166] <... openat resumed>) = 4 [pid 5164] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5166] ioctl(4, LOOP_SET_FD, 3 [pid 5164] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5161] exit_group(0 [pid 5095] <... umount2 resumed>) = 0 [pid 5161] <... exit_group resumed>) = ? [pid 5095] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5161] +++ exited with 0 +++ [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(AT_FDCWD, "./10/bus", [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... openat resumed>) = 4 [pid 5092] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] newfstatat(4, "", [pid 5092] <... openat resumed>) = 3 [pid 5092] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5166] <... ioctl resumed>) = 0 [pid 5165] <... ioctl resumed>) = 0 [pid 5164] <... symlink resumed>) = 0 [pid 5163] <... write resumed>) = 524288 [pid 5095] getdents64(4, [pid 5166] close(3 [pid 5165] close(3 [pid 5164] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5163] munmap(0x7f6220e00000, 138412032 [pid 5166] <... close resumed>) = 0 [pid 5165] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, [pid 5166] close(4 [pid 5165] close(4 [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5165] <... close resumed>) = 0 [pid 5095] close(4 [pid 5092] <... umount2 resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./10/bus" [pid 5166] <... close resumed>) = 0 [pid 5165] mkdir("./bus", 0777 [pid 5163] <... munmap resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5165] <... mkdir resumed>) = 0 [pid 5095] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5164] <... creat resumed>) = 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5166] mkdir("./bus", 0777 [pid 5164] rename("./bus", "./file2" [pid 5095] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5092] newfstatat(AT_FDCWD, "./10/bus", [pid 5166] <... mkdir resumed>) = 0 [pid 5165] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5164] <... rename resumed>) = -1 EEXIST (File exists) [pid 5163] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] unlink("./10/binderfs" [pid 5092] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5164] memfd_create("syzkaller", 0) = 5 [pid 5163] close(5 [pid 5095] <... unlink resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5166] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] getdents64(3, [pid 5092] newfstatat(4, "", [ 119.605882][ T5165] loop2: detected capacity change from 0 to 1024 [ 119.627771][ T5166] loop1: detected capacity change from 0 to 1024 [pid 5164] <... mmap resumed>) = 0x7f6220e00000 [pid 5163] <... close resumed>) = 0 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5164] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] close(3 [pid 5092] getdents64(4, [pid 5095] <... close resumed>) = 0 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5165] <... mount resumed>) = 0 [pid 5095] rmdir("./10" [pid 5092] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] close(4 [pid 5165] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5092] <... close resumed>) = 0 [pid 5165] chdir("./bus" [pid 5092] rmdir("./10/bus" [pid 5165] <... chdir resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5165] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5095] mkdir("./11", 0777 [pid 5165] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5164] <... write resumed>) = 524288 [pid 5163] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] <... mkdir resumed>) = 0 [pid 5092] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5165] <... symlink resumed>) = 0 [pid 5164] munmap(0x7f6220e00000, 138412032 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5164] <... munmap resumed>) = 0 [pid 5092] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5165] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5166] <... mount resumed>) = 0 [pid 5164] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] unlink("./10/binderfs" [pid 5166] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5165] <... creat resumed>) = 4 [pid 5164] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5092] <... unlink resumed>) = 0 [pid 5166] <... openat resumed>) = 3 [pid 5165] rename("./bus", "./file2" [pid 5164] close(5 [pid 5166] chdir("./bus" [pid 5165] <... rename resumed>) = -1 EEXIST (File exists) [pid 5165] memfd_create("syzkaller", 0) = 5 [pid 5092] getdents64(3, [pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] close(3 [pid 5166] <... chdir resumed>) = 0 [pid 5165] <... mmap resumed>) = 0x7f6220e00000 [pid 5163] <... open resumed>) = 5 [pid 5092] <... close resumed>) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5166] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5163] ftruncate(5, 0 [pid 5092] rmdir("./10" [pid 5163] <... ftruncate resumed>) = 0 [pid 5092] <... rmdir resumed>) = 0 [pid 5163] exit_group(0) = ? [pid 5165] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5163] +++ exited with 0 +++ [pid 5166] <... symlink resumed>) = 0 [pid 5092] mkdir("./11", 0777 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5089] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5164] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5166] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5089] newfstatat(3, "", [pid 5092] <... mkdir resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5164] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5089] <... umount2 resumed>) = 0 [pid 5166] <... creat resumed>) = 4 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5166] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5166] memfd_create("syzkaller", 0) = 5 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5164] <... open resumed>) = 5 [pid 5164] ftruncate(5, 0 [pid 5166] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5165] <... write resumed>) = 524288 [pid 5164] <... ftruncate resumed>) = 0 [pid 5089] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./10/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5165] munmap(0x7f6220e00000, 138412032 [pid 5164] exit_group(0 [pid 5089] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5164] <... exit_group resumed>) = ? [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... ioctl resumed>) = 0 [pid 5166] <... write resumed>) = 524288 [pid 5165] <... munmap resumed>) = 0 [pid 5164] +++ exited with 0 +++ [pid 5095] close(3 [pid 5092] <... ioctl resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5165] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] <... close resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5165] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... openat resumed>) = 4 [pid 5165] close(5 [pid 5094] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(4, "", [pid 5094] newfstatat(3, "", ./strace-static-x86_64: Process 5167 attached [pid 5165] <... close resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5167] set_robust_list(0x5555645e8660, 24 [pid 5089] getdents64(4, [pid 5167] <... set_robust_list resumed>) = 0 [pid 5166] munmap(0x7f6220e00000, 138412032 [pid 5167] chdir("./11" [pid 5166] <... munmap resumed>) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5167 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5167] <... chdir resumed>) = 0 [pid 5089] getdents64(4, [pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5089] close(4 [pid 5167] <... prctl resumed>) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5094] getdents64(3, [pid 5089] <... close resumed>) = 0 [pid 5167] setpgid(0, 0 [pid 5089] rmdir("./10/bus" [pid 5167] <... setpgid resumed>) = 0 [pid 5166] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] close(3 [pid 5094] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... close resumed>) = 0 [pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] <... rmdir resumed>) = 0 [pid 5166] close(5 [pid 5167] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = 0 [pid 5089] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5167] write(3, "1000", 4 [pid 5165] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5167] <... write resumed>) = 4 [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5168 [pid 5167] close(3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5167] <... close resumed>) = 0 [pid 5167] symlink("/dev/binderfs", "./binderfs" [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5168 attached [pid 5168] set_robust_list(0x5555645e8660, 24) = 0 [pid 5168] chdir("./11") = 0 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5168] setpgid(0, 0 [pid 5167] <... symlink resumed>) = 0 [pid 5166] <... close resumed>) = 0 [pid 5089] unlink("./10/binderfs" [pid 5168] <... setpgid resumed>) = 0 [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] <... unlink resumed>) = 0 [pid 5168] <... openat resumed>) = 3 [pid 5167] memfd_create("syzkaller", 0 [pid 5168] write(3, "1000", 4 [pid 5167] <... memfd_create resumed>) = 3 [pid 5166] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5165] <... open resumed>) = 5 [pid 5094] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] getdents64(3, [pid 5168] <... write resumed>) = 4 [pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5168] close(3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5168] <... close resumed>) = 0 [pid 5167] <... mmap resumed>) = 0x7f6220e00000 [pid 5165] ftruncate(5, 0 [pid 5094] newfstatat(AT_FDCWD, "./10/bus", [pid 5089] close(3 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... close resumed>) = 0 [pid 5168] symlink("/dev/binderfs", "./binderfs" [pid 5165] <... ftruncate resumed>) = 0 [pid 5094] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] rmdir("./10" [pid 5168] <... symlink resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5089] mkdir("./11", 0777 [pid 5168] memfd_create("syzkaller", 0 [pid 5166] <... open resumed>) = 5 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... mkdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5094] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5168] <... memfd_create resumed>) = 3 [pid 5166] ftruncate(5, 0 [pid 5165] exit_group(0 [pid 5094] <... openat resumed>) = 4 [pid 5089] <... openat resumed>) = 3 [pid 5166] <... ftruncate resumed>) = 0 [pid 5094] newfstatat(4, "", [pid 5165] <... exit_group resumed>) = ? [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5168] <... mmap resumed>) = 0x7f6220e00000 [pid 5094] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5166] exit_group(0 [pid 5094] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5166] <... exit_group resumed>) = ? [pid 5167] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5165] +++ exited with 0 +++ [pid 5094] close(4 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5165, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5094] <... close resumed>) = 0 [pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5094] rmdir("./10/bus" [pid 5091] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] <... rmdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5166] +++ exited with 0 +++ [pid 5091] <... openat resumed>) = 3 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5090] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5168] <... write resumed>) = 524288 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... openat resumed>) = 3 [pid 5168] munmap(0x7f6220e00000, 138412032 [pid 5167] <... write resumed>) = 524288 [pid 5094] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5091] newfstatat(3, "", [pid 5090] newfstatat(3, "", [pid 5168] <... munmap resumed>) = 0 [pid 5167] munmap(0x7f6220e00000, 138412032 [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] unlink("./10/binderfs" [pid 5091] getdents64(3, [pid 5167] <... munmap resumed>) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5091] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5168] ioctl(4, LOOP_SET_FD, 3 [pid 5167] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] getdents64(3, [pid 5090] getdents64(3, [pid 5168] <... ioctl resumed>) = 0 [pid 5167] <... openat resumed>) = 4 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5167] ioctl(4, LOOP_SET_FD, 3 [pid 5094] close(3) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5094] rmdir("./10") = 0 [pid 5094] mkdir("./11", 0777) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5168] close(3) = 0 [pid 5168] close(4) = 0 [pid 5168] mkdir("./bus", 0777) = 0 [pid 5168] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5089] close(3 [pid 5167] <... ioctl resumed>) = 0 [pid 5167] close(3) = 0 [pid 5167] close(4) = 0 [pid 5167] mkdir("./bus", 0777) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555645e8650) = 5169 [pid 5168] <... mount resumed>) = 0 [pid 5168] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5168] chdir("./bus") = 0 [pid 5168] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5168] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5167] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, ""./strace-static-x86_64: Process 5169 attached [pid 5091] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5167] <... mount resumed>) = 0 [pid 5167] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [ 119.909728][ T5168] loop3: detected capacity change from 0 to 1024 [ 119.918197][ T5167] loop5: detected capacity change from 0 to 1024 [pid 5167] chdir("./bus") = 0 [pid 5169] set_robust_list(0x5555645e8660, 24 [pid 5094] <... ioctl resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = 0 [pid 5169] <... set_robust_list resumed>) = 0 [pid 5091] newfstatat(AT_FDCWD, "./10/bus", [pid 5090] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5167] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5169] chdir("./11" [pid 5167] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5167] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./10/bus", [pid 5091] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5169] <... chdir resumed>) = 0 [pid 5168] <... symlink resumed>) = 0 [pid 5091] <... openat resumed>) = 4 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5168] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5167] <... symlink resumed>) = 0 [pid 5091] newfstatat(4, "", [pid 5090] umount2("./10/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5169] setpgid(0, 0) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./10/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] getdents64(4, [pid 5168] <... creat resumed>) = 4 [pid 5167] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] <... openat resumed>) = 4 [pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] getdents64(4, [pid 5090] newfstatat(4, "", [pid 5169] <... openat resumed>) = 3 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] close(4 [pid 5090] getdents64(4, [pid 5091] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5168] rename("./bus", "./file2" [pid 5091] rmdir("./10/bus" [pid 5090] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5168] <... rename resumed>) = -1 EEXIST (File exists) [pid 5090] rmdir("./10/bus" [pid 5167] <... creat resumed>) = 4 [pid 5168] memfd_create("syzkaller", 0 [pid 5167] rename("./bus", "./file2" [pid 5168] <... memfd_create resumed>) = 5 [pid 5090] <... rmdir resumed>) = 0 [pid 5094] close(3) = 0 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5169] write(3, "1000", 4 [pid 5168] <... mmap resumed>) = 0x7f6220e00000 [pid 5167] <... rename resumed>) = -1 EEXIST (File exists) [pid 5091] <... rmdir resumed>) = 0 [pid 5169] <... write resumed>) = 4 [pid 5090] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5169] close(3 [pid 5168] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5167] memfd_create("syzkaller", 0) = 5 [pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5167] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5170 ./strace-static-x86_64: Process 5170 attached [pid 5170] set_robust_list(0x5555645e8660, 24) = 0 [pid 5170] chdir("./11") = 0 [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5170] setpgid(0, 0) = 0 [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5169] <... close resumed>) = 0 [pid 5168] <... write resumed>) = 524288 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5091] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5169] symlink("/dev/binderfs", "./binderfs" [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5170] <... openat resumed>) = 3 [pid 5169] <... symlink resumed>) = 0 [pid 5091] unlink("./10/binderfs" [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5170] write(3, "1000", 4 [pid 5091] <... unlink resumed>) = 0 [pid 5090] unlink("./10/binderfs" [pid 5170] <... write resumed>) = 4 [pid 5170] close(3) = 0 [pid 5169] memfd_create("syzkaller", 0 [pid 5170] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5169] <... memfd_create resumed>) = 3 [pid 5091] getdents64(3, [pid 5090] <... unlink resumed>) = 0 [pid 5090] getdents64(3, [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] close(3 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] <... close resumed>) = 0 [pid 5090] close(3 [pid 5091] rmdir("./10" [pid 5090] <... close resumed>) = 0 [pid 5168] munmap(0x7f6220e00000, 138412032 [pid 5167] <... write resumed>) = 524288 [pid 5091] <... rmdir resumed>) = 0 [pid 5170] memfd_create("syzkaller", 0 [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5168] <... munmap resumed>) = 0 [pid 5167] munmap(0x7f6220e00000, 138412032 [pid 5091] mkdir("./11", 0777 [pid 5090] rmdir("./10" [pid 5169] <... mmap resumed>) = 0x7f6220e00000 [pid 5167] <... munmap resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5170] <... memfd_create resumed>) = 3 [pid 5168] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5167] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] <... mkdir resumed>) = 0 [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5168] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5167] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] mkdir("./11", 0777 [pid 5170] <... mmap resumed>) = 0x7f6220e00000 [pid 5168] close(5 [pid 5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5169] <... write resumed>) = 524288 [pid 5168] <... close resumed>) = 0 [pid 5167] close(5 [pid 5091] <... openat resumed>) = 3 [pid 5090] <... mkdir resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5167] <... close resumed>) = 0 [pid 5169] munmap(0x7f6220e00000, 138412032 [pid 5168] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5169] <... munmap resumed>) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5169] ioctl(4, LOOP_SET_FD, 3 [pid 5168] <... open resumed>) = 5 [pid 5168] ftruncate(5, 0 [pid 5167] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5168] <... ftruncate resumed>) = 0 [pid 5168] exit_group(0) = ? [pid 5170] <... write resumed>) = 524288 [pid 5170] munmap(0x7f6220e00000, 138412032) = 0 [pid 5167] <... open resumed>) = 5 [pid 5090] <... ioctl resumed>) = 0 [pid 5168] +++ exited with 0 +++ [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5092] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5170] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5167] ftruncate(5, 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5167] <... ftruncate resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5092] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5170] <... openat resumed>) = 4 [pid 5092] getdents64(3, [pid 5169] <... ioctl resumed>) = 0 [pid 5091] <... ioctl resumed>) = 0 [pid 5090] close(3 [pid 5169] close(3 [pid 5170] ioctl(4, LOOP_SET_FD, 3 [pid 5167] exit_group(0 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5170] <... ioctl resumed>) = 0 [pid 5167] <... exit_group resumed>) = ? [pid 5092] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5169] <... close resumed>) = 0 [pid 5091] close(3 [pid 5090] <... close resumed>) = 0 [pid 5169] close(4) = 0 [pid 5167] +++ exited with 0 +++ [pid 5091] <... close resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5169] mkdir("./bus", 0777 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5169] <... mkdir resumed>) = 0 [pid 5169] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5171 ./strace-static-x86_64: Process 5171 attached [pid 5095] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5171] set_robust_list(0x5555645e8660, 24 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] <... set_robust_list resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 ./strace-static-x86_64: Process 5172 attached [pid 5171] chdir("./11" [pid 5170] close(3 [ 120.094841][ T5169] loop0: detected capacity change from 0 to 1024 [ 120.128380][ T5170] loop4: detected capacity change from 0 to 1024 [pid 5095] newfstatat(3, "", [pid 5092] <... umount2 resumed>) = 0 [pid 5172] set_robust_list(0x5555645e8660, 24 [pid 5171] <... chdir resumed>) = 0 [pid 5170] <... close resumed>) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5172 [pid 5172] <... set_robust_list resumed>) = 0 [pid 5171] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5170] close(4 [pid 5095] getdents64(3, [pid 5170] <... close resumed>) = 0 [pid 5170] mkdir("./bus", 0777 [pid 5172] chdir("./11" [pid 5171] <... prctl resumed>) = 0 [pid 5170] <... mkdir resumed>) = 0 [pid 5169] <... mount resumed>) = 0 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5172] <... chdir resumed>) = 0 [pid 5171] setpgid(0, 0 [pid 5169] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5095] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5171] <... setpgid resumed>) = 0 [pid 5092] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5172] <... prctl resumed>) = 0 [pid 5171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5170] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5169] <... openat resumed>) = 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] setpgid(0, 0 [pid 5171] <... openat resumed>) = 3 [pid 5169] chdir("./bus" [pid 5172] <... setpgid resumed>) = 0 [pid 5171] write(3, "1000", 4 [pid 5169] <... chdir resumed>) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5171] <... write resumed>) = 4 [pid 5170] <... mount resumed>) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5092] newfstatat(AT_FDCWD, "./11/bus", [pid 5171] close(3) = 0 [pid 5170] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5169] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5172] <... openat resumed>) = 3 [pid 5171] symlink("/dev/binderfs", "./binderfs" [pid 5170] <... openat resumed>) = 3 [pid 5169] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5092] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5170] chdir("./bus" [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] <... symlink resumed>) = 0 [pid 5170] <... chdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5171] memfd_create("syzkaller", 0 [pid 5170] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... openat resumed>) = 4 [pid 5171] <... memfd_create resumed>) = 3 [pid 5170] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... umount2 resumed>) = 0 [pid 5092] newfstatat(4, "", [pid 5171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5172] write(3, "1000", 4 [pid 5171] <... mmap resumed>) = 0x7f6220e00000 [pid 5170] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5095] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] getdents64(4, [pid 5172] <... write resumed>) = 4 [pid 5171] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] close(3 [pid 5169] <... symlink resumed>) = 0 [pid 5169] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5172] <... close resumed>) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5095] newfstatat(AT_FDCWD, "./11/bus", [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] getdents64(4, [pid 5172] memfd_create("syzkaller", 0 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] close(4) = 0 [pid 5092] rmdir("./11/bus" [pid 5172] <... memfd_create resumed>) = 3 [pid 5092] <... rmdir resumed>) = 0 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5172] <... mmap resumed>) = 0x7f6220e00000 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] unlink("./11/binderfs") = 0 [pid 5092] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5095] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] rmdir("./11" [pid 5170] <... symlink resumed>) = 0 [pid 5169] <... creat resumed>) = 4 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] <... rmdir resumed>) = 0 [pid 5170] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5095] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5095] newfstatat(4, "", [pid 5169] rename("./bus", "./file2" [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(4, [pid 5092] mkdir("./12", 0777 [pid 5169] <... rename resumed>) = -1 EEXIST (File exists) [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] close(4 [pid 5170] <... creat resumed>) = 4 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./11/bus" [pid 5092] <... mkdir resumed>) = 0 [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5170] rename("./bus", "./file2" [pid 5169] memfd_create("syzkaller", 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5169] <... memfd_create resumed>) = 5 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] <... openat resumed>) = 3 [pid 5169] <... mmap resumed>) = 0x7f6220e00000 [pid 5170] <... rename resumed>) = -1 EEXIST (File exists) [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5170] memfd_create("syzkaller", 0) = 5 [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5169] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5170] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5171] <... write resumed>) = 524288 [pid 5095] unlink("./11/binderfs") = 0 [pid 5095] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5095] rmdir("./11" [pid 5171] munmap(0x7f6220e00000, 138412032) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5170] <... write resumed>) = 524288 [pid 5095] mkdir("./12", 0777) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5172] <... write resumed>) = 524288 [pid 5171] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5170] munmap(0x7f6220e00000, 138412032 [pid 5171] <... openat resumed>) = 4 [pid 5170] <... munmap resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5171] ioctl(4, LOOP_SET_FD, 3 [pid 5172] munmap(0x7f6220e00000, 138412032 [pid 5170] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5172] <... munmap resumed>) = 0 [pid 5170] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5170] close(5 [pid 5172] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5172] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5169] <... write resumed>) = 524288 [pid 5169] munmap(0x7f6220e00000, 138412032 [pid 5171] <... ioctl resumed>) = 0 [pid 5171] close(3 [pid 5169] <... munmap resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5171] <... close resumed>) = 0 [pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5171] close(4 [pid 5169] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5171] <... close resumed>) = 0 [pid 5169] close(5 [pid 5170] <... close resumed>) = 0 [pid 5170] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5171] mkdir("./bus", 0777) = 0 [pid 5172] close(3 [pid 5170] <... open resumed>) = 5 [pid 5172] <... close resumed>) = 0 [pid 5172] close(4) = 0 [pid 5171] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5172] mkdir("./bus", 0777 [pid 5170] ftruncate(5, 0) = 0 [pid 5170] exit_group(0 [pid 5092] close(3 [pid 5172] <... mkdir resumed>) = 0 [pid 5170] <... exit_group resumed>) = ? [pid 5092] <... close resumed>) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5172] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5171] <... mount resumed>) = 0 [pid 5170] +++ exited with 0 +++ [pid 5171] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5094] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5171] <... openat resumed>) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] chdir("./bus" [pid 5094] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5171] <... chdir resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5171] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] newfstatat(3, "", [pid 5171] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 120.299747][ T5171] loop2: detected capacity change from 0 to 1024 [ 120.318489][ T5172] loop1: detected capacity change from 0 to 1024 [pid 5172] <... mount resumed>) = 0 [pid 5094] getdents64(3, [pid 5172] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 ./strace-static-x86_64: Process 5173 attached [pid 5172] <... openat resumed>) = 3 [pid 5094] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5172] chdir("./bus") = 0 [pid 5173] set_robust_list(0x5555645e8660, 24 [pid 5172] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5173 [pid 5172] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5171] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5173] <... set_robust_list resumed>) = 0 [pid 5172] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5173] chdir("./12" [pid 5171] <... symlink resumed>) = 0 [pid 5173] <... chdir resumed>) = 0 [pid 5172] <... symlink resumed>) = 0 [pid 5171] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5169] <... close resumed>) = 0 [pid 5095] <... ioctl resumed>) = 0 [pid 5094] <... umount2 resumed>) = 0 [pid 5173] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5169] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] close(3 [pid 5172] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5095] <... close resumed>) = 0 [pid 5173] <... prctl resumed>) = 0 [pid 5172] <... creat resumed>) = 4 [pid 5173] setpgid(0, 0 [pid 5172] rename("./bus", "./file2" [pid 5171] <... creat resumed>) = 4 [pid 5169] <... open resumed>) = 5 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5173] <... setpgid resumed>) = 0 [pid 5171] rename("./bus", "./file2" [pid 5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 ./strace-static-x86_64: Process 5174 attached [pid 5172] <... rename resumed>) = -1 EEXIST (File exists) [pid 5171] <... rename resumed>) = -1 EEXIST (File exists) [pid 5169] ftruncate(5, 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] memfd_create("syzkaller", 0) = 5 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5171] memfd_create("syzkaller", 0 [pid 5094] newfstatat(AT_FDCWD, "./11/bus", [pid 5173] write(3, "1000", 4 [pid 5172] <... mmap resumed>) = 0x7f6220e00000 [pid 5169] <... ftruncate resumed>) = 0 [pid 5171] <... memfd_create resumed>) = 5 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5174 [pid 5174] set_robust_list(0x5555645e8660, 24) = 0 [pid 5173] <... write resumed>) = 4 [pid 5172] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5169] exit_group(0 [pid 5094] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5173] close(3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5174] chdir("./12" [pid 5094] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5173] <... close resumed>) = 0 [pid 5171] <... mmap resumed>) = 0x7f6220e00000 [pid 5169] <... exit_group resumed>) = ? [pid 5094] <... openat resumed>) = 4 [pid 5174] <... chdir resumed>) = 0 [pid 5173] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5173] memfd_create("syzkaller", 0) = 3 [pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] newfstatat(4, "", [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5173] <... mmap resumed>) = 0x7f6220e00000 [pid 5173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5169] +++ exited with 0 +++ [pid 5174] <... prctl resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5174] setpgid(0, 0 [pid 5094] getdents64(4, [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5171] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5174] <... setpgid resumed>) = 0 [pid 5172] <... write resumed>) = 524288 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5094] getdents64(4, [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] close(4 [pid 5089] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5174] <... openat resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", [pid 5094] rmdir("./11/bus" [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5174] write(3, "1000", 4 [pid 5171] <... write resumed>) = 524288 [pid 5094] <... rmdir resumed>) = 0 [pid 5094] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5174] <... write resumed>) = 4 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] munmap(0x7f6220e00000, 138412032 [pid 5094] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5173] <... write resumed>) = 524288 [pid 5171] <... munmap resumed>) = 0 [pid 5174] close(3 [pid 5094] unlink("./11/binderfs" [pid 5174] <... close resumed>) = 0 [pid 5173] munmap(0x7f6220e00000, 138412032 [pid 5172] munmap(0x7f6220e00000, 138412032 [pid 5174] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... unlink resumed>) = 0 [pid 5173] <... munmap resumed>) = 0 [pid 5174] <... symlink resumed>) = 0 [pid 5172] <... munmap resumed>) = 0 [pid 5094] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5173] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5172] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5173] <... openat resumed>) = 4 [pid 5172] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5173] ioctl(4, LOOP_SET_FD, 3 [pid 5172] close(5 [pid 5174] memfd_create("syzkaller", 0 [pid 5171] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] close(3 [pid 5089] <... umount2 resumed>) = 0 [pid 5171] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5094] <... close resumed>) = 0 [pid 5171] close(5 [pid 5094] rmdir("./11" [pid 5174] <... memfd_create resumed>) = 3 [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5172] <... close resumed>) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5174] <... mmap resumed>) = 0x7f6220e00000 [pid 5172] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5171] <... close resumed>) = 0 [pid 5094] mkdir("./12", 0777 [pid 5173] <... ioctl resumed>) = 0 [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5172] <... open resumed>) = 5 [pid 5171] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5094] <... mkdir resumed>) = 0 [pid 5089] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5172] ftruncate(5, 0) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5172] exit_group(0 [pid 5171] <... open resumed>) = 5 [pid 5094] <... openat resumed>) = 3 [pid 5089] newfstatat(AT_FDCWD, "./11/bus", [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5173] close(3) = 0 [pid 5171] ftruncate(5, 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5173] close(4) = 0 [pid 5171] <... ftruncate resumed>) = 0 [pid 5089] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5171] exit_group(0) = ? [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5173] mkdir("./bus", 0777 [pid 5172] <... exit_group resumed>) = ? [pid 5171] +++ exited with 0 +++ [pid 5089] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5171, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [ 120.467160][ T5173] loop3: detected capacity change from 0 to 1024 [pid 5172] +++ exited with 0 +++ [pid 5089] <... openat resumed>) = 4 [pid 5174] <... write resumed>) = 524288 [pid 5174] munmap(0x7f6220e00000, 138412032 [pid 5173] <... mkdir resumed>) = 0 [pid 5089] newfstatat(4, "", [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5173] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5091] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5174] <... munmap resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5089] getdents64(4, [pid 5174] <... openat resumed>) = 4 [pid 5091] newfstatat(3, "", [pid 5174] ioctl(4, LOOP_SET_FD, 3 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(3, [pid 5173] <... mount resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5173] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5091] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5173] <... openat resumed>) = 3 [pid 5173] chdir("./bus") = 0 [pid 5173] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5173] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5090] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] getdents64(4, [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5173] <... symlink resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] close(4 [pid 5173] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5090] <... openat resumed>) = 3 [pid 5089] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5174] <... ioctl resumed>) = 0 [pid 5173] <... creat resumed>) = 4 [pid 5094] <... ioctl resumed>) = 0 [pid 5091] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] newfstatat(3, "", [pid 5089] rmdir("./11/bus" [pid 5174] close(3 [pid 5173] rename("./bus", "./file2" [pid 5094] close(3 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] <... close resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5174] <... close resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] newfstatat(AT_FDCWD, "./11/bus", [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5174] close(4) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5174] mkdir("./bus", 0777 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5174] <... mkdir resumed>) = 0 [pid 5091] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] getdents64(3, [pid 5089] newfstatat(AT_FDCWD, "./11/binderfs", ./strace-static-x86_64: Process 5175 attached [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5175 [pid 5175] set_robust_list(0x5555645e8660, 24 [pid 5091] <... openat resumed>) = 4 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5175] <... set_robust_list resumed>) = 0 [pid 5089] unlink("./11/binderfs" [pid 5091] newfstatat(4, "", [pid 5175] chdir("./12" [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... unlink resumed>) = 0 [pid 5091] getdents64(4, [pid 5174] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5089] getdents64(3, [pid 5175] <... chdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5175] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5091] close(4 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5175] <... prctl resumed>) = 0 [pid 5173] <... rename resumed>) = -1 EEXIST (File exists) [pid 5091] <... close resumed>) = 0 [pid 5089] close(3 [pid 5175] setpgid(0, 0 [pid 5091] rmdir("./11/bus" [pid 5175] <... setpgid resumed>) = 0 [pid 5173] memfd_create("syzkaller", 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./11") = 0 [pid 5175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5089] mkdir("./12", 0777 [pid 5091] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 120.549952][ T5174] loop5: detected capacity change from 0 to 1024 [pid 5091] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] unlink("./11/binderfs") = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5091] getdents64(3, [pid 5173] <... memfd_create resumed>) = 5 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5091] close(3) = 0 [pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] rmdir("./11" [pid 5089] <... openat resumed>) = 3 [pid 5173] <... mmap resumed>) = 0x7f6220e00000 [pid 5091] <... rmdir resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5091] mkdir("./12", 0777 [pid 5175] <... openat resumed>) = 3 [pid 5174] <... mount resumed>) = 0 [pid 5173] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5091] <... mkdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5174] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5174] chdir("./bus") = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5175] write(3, "1000", 4 [pid 5174] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5091] <... openat resumed>) = 3 [pid 5175] <... write resumed>) = 4 [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5090] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./11/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5174] <... symlink resumed>) = 0 [pid 5090] umount2("./11/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./11/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5090] newfstatat(4, "", [pid 5175] close(3 [pid 5173] <... write resumed>) = 524288 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5174] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5090] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5175] <... close resumed>) = 0 [pid 5090] close(4 [pid 5175] symlink("/dev/binderfs", "./binderfs" [pid 5090] <... close resumed>) = 0 [pid 5090] rmdir("./11/bus" [pid 5174] <... creat resumed>) = 4 [pid 5090] <... rmdir resumed>) = 0 [pid 5175] <... symlink resumed>) = 0 [pid 5090] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5174] rename("./bus", "./file2" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5175] memfd_create("syzkaller", 0 [pid 5174] <... rename resumed>) = -1 EEXIST (File exists) [pid 5090] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] unlink("./11/binderfs" [pid 5175] <... memfd_create resumed>) = 3 [pid 5090] <... unlink resumed>) = 0 [pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5174] memfd_create("syzkaller", 0 [pid 5090] getdents64(3, [pid 5174] <... memfd_create resumed>) = 5 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] close(3 [pid 5174] <... mmap resumed>) = 0x7f6220e00000 [pid 5090] <... close resumed>) = 0 [pid 5090] rmdir("./11") = 0 [pid 5090] mkdir("./12", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5174] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5175] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5173] munmap(0x7f6220e00000, 138412032 [pid 5089] <... ioctl resumed>) = 0 [pid 5173] <... munmap resumed>) = 0 [pid 5174] <... write resumed>) = 524288 [pid 5173] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] <... ioctl resumed>) = 0 [pid 5089] close(3 [pid 5173] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] <... close resumed>) = 0 [pid 5173] close(5 [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5174] munmap(0x7f6220e00000, 138412032) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5176 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5176 attached [pid 5174] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5176] set_robust_list(0x5555645e8660, 24 [pid 5174] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5176] <... set_robust_list resumed>) = 0 [pid 5175] <... write resumed>) = 524288 [pid 5174] close(5 [pid 5090] <... ioctl resumed>) = 0 [pid 5176] chdir("./12" [pid 5175] munmap(0x7f6220e00000, 138412032 [pid 5174] <... close resumed>) = 0 [pid 5173] <... close resumed>) = 0 [pid 5176] <... chdir resumed>) = 0 [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5177 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5175] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5177 attached [pid 5176] <... prctl resumed>) = 0 [pid 5176] setpgid(0, 0 [pid 5177] set_robust_list(0x5555645e8660, 24 [pid 5175] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5177] <... set_robust_list resumed>) = 0 [pid 5177] chdir("./12" [pid 5176] <... setpgid resumed>) = 0 [pid 5177] <... chdir resumed>) = 0 [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5175] <... openat resumed>) = 4 [pid 5173] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5176] <... openat resumed>) = 3 [pid 5176] write(3, "1000", 4 [pid 5177] <... prctl resumed>) = 0 [pid 5175] ioctl(4, LOOP_SET_FD, 3 [pid 5176] <... write resumed>) = 4 [pid 5177] setpgid(0, 0 [pid 5176] close(3) = 0 [pid 5090] close(3 [pid 5176] symlink("/dev/binderfs", "./binderfs" [pid 5090] <... close resumed>) = 0 [pid 5176] <... symlink resumed>) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5176] memfd_create("syzkaller", 0) = 3 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5178 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5177] <... setpgid resumed>) = 0 [pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288./strace-static-x86_64: Process 5178 attached [pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5174] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5178] set_robust_list(0x5555645e8660, 24) = 0 [pid 5178] chdir("./12") = 0 [pid 5173] <... open resumed>) = 5 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5173] ftruncate(5, 0 [pid 5178] <... prctl resumed>) = 0 [pid 5177] <... openat resumed>) = 3 [pid 5173] <... ftruncate resumed>) = 0 [pid 5178] setpgid(0, 0 [pid 5173] exit_group(0 [pid 5178] <... setpgid resumed>) = 0 [pid 5173] <... exit_group resumed>) = ? [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5176] <... write resumed>) = 524288 [pid 5178] <... openat resumed>) = 3 [pid 5173] +++ exited with 0 +++ [pid 5178] write(3, "1000", 4) = 4 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5173, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5178] close(3 [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5178] <... close resumed>) = 0 [pid 5092] <... restart_syscall resumed>) = 0 [pid 5178] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5178] memfd_create("syzkaller", 0 [pid 5177] write(3, "1000", 4 [pid 5175] <... ioctl resumed>) = 0 [pid 5174] <... open resumed>) = 5 [pid 5178] <... memfd_create resumed>) = 3 [pid 5177] <... write resumed>) = 4 [pid 5175] close(3 [pid 5174] ftruncate(5, 0 [pid 5092] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5177] close(3 [pid 5175] <... close resumed>) = 0 [pid 5174] <... ftruncate resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] <... mmap resumed>) = 0x7f6220e00000 [pid 5177] <... close resumed>) = 0 [pid 5175] close(4 [pid 5174] exit_group(0 [pid 5092] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5177] symlink("/dev/binderfs", "./binderfs" [pid 5175] <... close resumed>) = 0 [pid 5174] <... exit_group resumed>) = ? [pid 5177] <... symlink resumed>) = 0 [pid 5175] mkdir("./bus", 0777 [pid 5174] +++ exited with 0 +++ [pid 5092] <... openat resumed>) = 3 [pid 5092] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5177] memfd_create("syzkaller", 0 [pid 5175] <... mkdir resumed>) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5092] getdents64(3, [ 120.745407][ T5175] loop4: detected capacity change from 0 to 1024 [pid 5177] <... memfd_create resumed>) = 3 [pid 5175] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5095] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5176] munmap(0x7f6220e00000, 138412032 [pid 5092] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5176] <... munmap resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] <... mmap resumed>) = 0x7f6220e00000 [pid 5095] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] newfstatat(3, "", [pid 5176] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5176] <... openat resumed>) = 4 [pid 5095] getdents64(3, [pid 5176] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5092] <... umount2 resumed>) = 0 [pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5178] <... write resumed>) = 524288 [pid 5177] <... write resumed>) = 524288 [pid 5176] <... ioctl resumed>) = 0 [pid 5176] close(3) = 0 [pid 5176] close(4) = 0 [pid 5178] munmap(0x7f6220e00000, 138412032 [pid 5176] mkdir("./bus", 0777 [pid 5178] <... munmap resumed>) = 0 [pid 5176] <... mkdir resumed>) = 0 [pid 5176] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5095] <... umount2 resumed>) = 0 [pid 5175] <... mount resumed>) = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5092] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5178] <... openat resumed>) = 4 [pid 5177] munmap(0x7f6220e00000, 138412032 [pid 5175] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5095] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5175] <... openat resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5175] chdir("./bus" [pid 5095] newfstatat(AT_FDCWD, "./12/bus", [pid 5177] <... munmap resumed>) = 0 [pid 5175] <... chdir resumed>) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5175] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5177] <... openat resumed>) = 4 [pid 5175] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] ioctl(4, LOOP_SET_FD, 3 [pid 5175] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5095] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5178] ioctl(4, LOOP_SET_FD, 3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 120.815200][ T5176] loop2: detected capacity change from 0 to 1024 [pid 5092] newfstatat(AT_FDCWD, "./12/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5177] <... ioctl resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [pid 5092] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(4, [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] getdents64(4, [pid 5092] <... openat resumed>) = 4 [pid 5092] newfstatat(4, "", [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5175] <... symlink resumed>) = 0 [pid 5095] close(4 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] rmdir("./12/bus" [pid 5176] <... mount resumed>) = 0 [pid 5092] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5176] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5092] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] close(4 [pid 5176] <... openat resumed>) = 3 [pid 5095] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] <... close resumed>) = 0 [pid 5176] chdir("./bus" [pid 5175] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] rmdir("./12/bus" [pid 5176] <... chdir resumed>) = 0 [pid 5095] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5092] <... rmdir resumed>) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] unlink("./12/binderfs" [pid 5176] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... unlink resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] getdents64(3, [pid 5176] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5175] <... creat resumed>) = 4 [pid 5095] close(3 [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] unlink("./12/binderfs" [pid 5095] <... close resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5175] rename("./bus", "./file2" [pid 5092] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./12") = 0 [pid 5176] <... symlink resumed>) = 0 [pid 5092] mkdir("./13", 0777) = 0 [pid 5176] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5175] <... rename resumed>) = -1 EEXIST (File exists) [pid 5175] memfd_create("syzkaller", 0 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] rmdir("./12" [pid 5092] <... openat resumed>) = 3 [pid 5178] <... ioctl resumed>) = 0 [pid 5177] close(3 [pid 5176] <... creat resumed>) = 4 [pid 5175] <... memfd_create resumed>) = 5 [pid 5178] close(3 [pid 5177] <... close resumed>) = 0 [pid 5176] rename("./bus", "./file2" [pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5178] <... close resumed>) = 0 [pid 5177] close(4 [pid 5178] close(4 [pid 5177] <... close resumed>) = 0 [pid 5175] <... mmap resumed>) = 0x7f6220e00000 [pid 5178] <... close resumed>) = 0 [pid 5177] mkdir("./bus", 0777 [pid 5178] mkdir("./bus", 0777 [pid 5177] <... mkdir resumed>) = 0 [pid 5178] <... mkdir resumed>) = 0 [ 120.868523][ T5177] loop0: detected capacity change from 0 to 1024 [ 120.870262][ T5178] loop1: detected capacity change from 0 to 1024 [pid 5178] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5177] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5176] <... rename resumed>) = -1 EEXIST (File exists) [pid 5095] <... rmdir resumed>) = 0 [pid 5176] memfd_create("syzkaller", 0) = 5 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5095] mkdir("./13", 0777 [pid 5176] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5175] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5177] <... mount resumed>) = 0 [pid 5177] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5177] chdir("./bus") = 0 [pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5177] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5176] <... write resumed>) = 524288 [pid 5175] <... write resumed>) = 524288 [pid 5178] <... mount resumed>) = 0 [pid 5177] <... symlink resumed>) = 0 [pid 5178] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5177] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5178] <... openat resumed>) = 3 [pid 5178] chdir("./bus") = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5175] munmap(0x7f6220e00000, 138412032 [pid 5178] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5177] <... creat resumed>) = 4 [pid 5175] <... munmap resumed>) = 0 [pid 5178] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5177] rename("./bus", "./file2" [pid 5176] munmap(0x7f6220e00000, 138412032) = 0 [pid 5177] <... rename resumed>) = -1 EEXIST (File exists) [pid 5177] memfd_create("syzkaller", 0) = 5 [pid 5178] <... symlink resumed>) = 0 [pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5176] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5178] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5177] <... mmap resumed>) = 0x7f6220e00000 [pid 5176] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5175] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5177] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5176] close(5 [pid 5175] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... ioctl resumed>) = 0 [pid 5175] close(5 [pid 5092] <... ioctl resumed>) = 0 [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5178] <... creat resumed>) = 4 [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5179 ./strace-static-x86_64: Process 5179 attached [pid 5176] <... close resumed>) = 0 [pid 5179] set_robust_list(0x5555645e8660, 24 [pid 5178] rename("./bus", "./file2" [pid 5095] close(3 [pid 5179] <... set_robust_list resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5178] <... rename resumed>) = -1 EEXIST (File exists) [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5180 attached [pid 5179] chdir("./13" [pid 5178] memfd_create("syzkaller", 0 [pid 5177] <... write resumed>) = 524288 [pid 5180] set_robust_list(0x5555645e8660, 24 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5180 [pid 5176] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5178] <... memfd_create resumed>) = 5 [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5175] <... close resumed>) = 0 [pid 5179] <... chdir resumed>) = 0 [pid 5178] <... mmap resumed>) = 0x7f6220e00000 [pid 5179] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5176] <... open resumed>) = 5 [pid 5179] <... prctl resumed>) = 0 [pid 5179] setpgid(0, 0 [pid 5180] <... set_robust_list resumed>) = 0 [pid 5179] <... setpgid resumed>) = 0 [pid 5180] chdir("./13" [pid 5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5175] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5180] <... chdir resumed>) = 0 [pid 5179] <... openat resumed>) = 3 [pid 5179] write(3, "1000", 4) = 4 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5176] ftruncate(5, 0 [pid 5178] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5176] <... ftruncate resumed>) = 0 [pid 5180] <... prctl resumed>) = 0 [pid 5180] setpgid(0, 0 [pid 5176] exit_group(0) = ? [pid 5180] <... setpgid resumed>) = 0 [pid 5179] close(3 [pid 5177] munmap(0x7f6220e00000, 138412032 [pid 5176] +++ exited with 0 +++ [pid 5179] <... close resumed>) = 0 [pid 5177] <... munmap resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5179] symlink("/dev/binderfs", "./binderfs" [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5179] <... symlink resumed>) = 0 [pid 5179] memfd_create("syzkaller", 0 [pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5091] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5177] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] close(5 [pid 5091] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5180] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5091] newfstatat(3, "", [pid 5180] write(3, "1000", 4 [pid 5179] <... memfd_create resumed>) = 3 [pid 5175] <... open resumed>) = 5 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] getdents64(3, [pid 5180] <... write resumed>) = 4 [pid 5179] <... mmap resumed>) = 0x7f6220e00000 [pid 5178] <... write resumed>) = 524288 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5180] close(3 [pid 5179] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5091] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5178] munmap(0x7f6220e00000, 138412032) = 0 [pid 5180] <... close resumed>) = 0 [pid 5175] ftruncate(5, 0 [pid 5180] symlink("/dev/binderfs", "./binderfs" [pid 5179] <... write resumed>) = 524288 [pid 5178] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5175] <... ftruncate resumed>) = 0 [pid 5180] <... symlink resumed>) = 0 [pid 5178] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5177] <... close resumed>) = 0 [pid 5175] exit_group(0 [pid 5180] memfd_create("syzkaller", 0 [pid 5178] close(5 [pid 5175] <... exit_group resumed>) = ? [pid 5178] <... close resumed>) = 0 [pid 5180] <... memfd_create resumed>) = 3 [pid 5177] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5175] +++ exited with 0 +++ [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5175, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5180] <... mmap resumed>) = 0x7f6220e00000 [pid 5177] <... open resumed>) = 5 [pid 5177] ftruncate(5, 0 [pid 5094] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5177] <... ftruncate resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] exit_group(0) = ? [pid 5180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5178] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5177] +++ exited with 0 +++ [pid 5094] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... umount2 resumed>) = 0 [pid 5179] munmap(0x7f6220e00000, 138412032 [pid 5094] <... openat resumed>) = 3 [pid 5091] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5094] newfstatat(3, "", [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5179] <... munmap resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] newfstatat(AT_FDCWD, "./12/bus", [pid 5094] getdents64(3, [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5179] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5179] <... openat resumed>) = 4 [pid 5179] ioctl(4, LOOP_SET_FD, 3 [pid 5089] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5180] <... write resumed>) = 524288 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... openat resumed>) = 3 [pid 5178] <... open resumed>) = 5 [pid 5091] <... openat resumed>) = 4 [pid 5089] newfstatat(3, "", [pid 5178] ftruncate(5, 0 [pid 5091] newfstatat(4, "", [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, [pid 5094] <... umount2 resumed>) = 0 [pid 5091] getdents64(4, [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5179] <... ioctl resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, [pid 5178] <... ftruncate resumed>) = 0 [pid 5094] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] close(4 [pid 5180] munmap(0x7f6220e00000, 138412032 [pid 5178] exit_group(0 [pid 5094] newfstatat(AT_FDCWD, "./12/bus", [pid 5091] <... close resumed>) = 0 [pid 5178] <... exit_group resumed>) = ? [pid 5091] rmdir("./12/bus" [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5179] close(3 [pid 5089] <... umount2 resumed>) = 0 [pid 5179] <... close resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5089] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5179] close(4 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5179] <... close resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./12/bus", [pid 5179] mkdir("./bus", 0777 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5179] <... mkdir resumed>) = 0 [pid 5089] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5178] +++ exited with 0 +++ [pid 5091] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5089] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... openat resumed>) = 4 [pid 5091] unlink("./12/binderfs" [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(4, "", [pid 5094] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... unlink resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] getdents64(3, [pid 5090] <... openat resumed>) = 3 [pid 5089] getdents64(4, [pid 5179] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5090] newfstatat(3, "", [pid 5180] <... munmap resumed>) = 0 [pid 5094] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5180] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] <... openat resumed>) = 4 [pid 5091] close(3 [pid 5090] getdents64(3, [pid 5089] getdents64(4, [pid 5180] <... openat resumed>) = 4 [pid 5094] newfstatat(4, "", [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5180] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... close resumed>) = 0 [ 121.147986][ T5179] loop3: detected capacity change from 0 to 1024 [pid 5090] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] close(4 [pid 5094] getdents64(4, [pid 5089] <... close resumed>) = 0 [pid 5089] rmdir("./12/bus") = 0 [pid 5089] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./12/binderfs") = 0 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] rmdir("./12" [pid 5094] getdents64(4, [pid 5089] getdents64(3, [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] close(4 [pid 5089] close(3) = 0 [pid 5089] rmdir("./12" [pid 5179] <... mount resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5180] <... ioctl resumed>) = 0 [pid 5179] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5094] rmdir("./12/bus" [pid 5091] mkdir("./13", 0777 [pid 5090] <... umount2 resumed>) = 0 [pid 5180] close(3 [pid 5179] <... openat resumed>) = 3 [pid 5094] <... rmdir resumed>) = 0 [pid 5091] <... mkdir resumed>) = 0 [pid 5089] <... rmdir resumed>) = 0 [pid 5094] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... openat resumed>) = 3 [pid 5089] mkdir("./13", 0777 [pid 5094] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] unlink("./12/binderfs") = 0 [pid 5090] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... mkdir resumed>) = 0 [pid 5094] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5179] chdir("./bus" [pid 5094] close(3 [pid 5179] <... chdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5179] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] rmdir("./12" [pid 5179] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5094] <... rmdir resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5180] <... close resumed>) = 0 [pid 5179] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5094] mkdir("./13", 0777 [pid 5090] newfstatat(AT_FDCWD, "./12/bus", [pid 5089] <... openat resumed>) = 3 [pid 5094] <... mkdir resumed>) = 0 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5180] close(4) = 0 [pid 5180] mkdir("./bus", 0777 [pid 5179] <... symlink resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./12/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5180] <... mkdir resumed>) = 0 [pid 5179] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5094] <... openat resumed>) = 3 [pid 5090] openat(AT_FDCWD, "./12/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5180] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5090] <... openat resumed>) = 4 [pid 5090] newfstatat(4, "", [pid 5179] <... creat resumed>) = 4 [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5179] rename("./bus", "./file2" [pid 5090] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5179] <... rename resumed>) = -1 EEXIST (File exists) [pid 5090] getdents64(4, [pid 5179] memfd_create("syzkaller", 0) = 5 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [ 121.193568][ T5180] loop5: detected capacity change from 0 to 1024 [pid 5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5090] close(4 [pid 5179] <... mmap resumed>) = 0x7f6220e00000 [pid 5090] <... close resumed>) = 0 [pid 5090] rmdir("./12/bus" [pid 5091] <... ioctl resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5180] <... mount resumed>) = 0 [pid 5090] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5180] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5090] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5179] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5180] chdir("./bus") = 0 [pid 5180] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5090] unlink("./12/binderfs" [pid 5180] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5090] <... unlink resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5091] close(3) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5180] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5089] close(3 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5181 ./strace-static-x86_64: Process 5181 attached [pid 5179] <... write resumed>) = 524288 [pid 5090] getdents64(3, [pid 5089] <... close resumed>) = 0 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5181] set_robust_list(0x5555645e8660, 24 [pid 5180] <... symlink resumed>) = 0 [pid 5180] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5181] <... set_robust_list resumed>) = 0 [pid 5090] close(3 [pid 5180] <... creat resumed>) = 4 [pid 5180] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5180] memfd_create("syzkaller", 0) = 5 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5094] <... ioctl resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5181] chdir("./13" [pid 5180] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5090] rmdir("./12" [pid 5179] munmap(0x7f6220e00000, 138412032) = 0 [pid 5179] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5182 [pid 5179] close(5./strace-static-x86_64: Process 5182 attached [pid 5182] set_robust_list(0x5555645e8660, 24 [pid 5090] <... rmdir resumed>) = 0 [pid 5181] <... chdir resumed>) = 0 [pid 5182] <... set_robust_list resumed>) = 0 [pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5180] <... write resumed>) = 524288 [pid 5090] mkdir("./13", 0777 [pid 5181] <... prctl resumed>) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5094] close(3 [pid 5181] setpgid(0, 0 [pid 5094] <... close resumed>) = 0 [pid 5181] <... setpgid resumed>) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5182] chdir("./13") = 0 [pid 5179] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5183 [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 5183 attached [pid 5182] setpgid(0, 0) = 0 [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5183] set_robust_list(0x5555645e8660, 24 [pid 5182] <... openat resumed>) = 3 [pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5183] <... set_robust_list resumed>) = 0 [pid 5182] write(3, "1000", 4) = 4 [pid 5182] close(3) = 0 [pid 5179] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5181] <... openat resumed>) = 3 [pid 5183] chdir("./13" [pid 5182] symlink("/dev/binderfs", "./binderfs" [pid 5181] write(3, "1000", 4 [pid 5183] <... chdir resumed>) = 0 [pid 5182] <... symlink resumed>) = 0 [pid 5181] <... write resumed>) = 4 [pid 5183] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5182] memfd_create("syzkaller", 0 [pid 5181] close(3 [pid 5183] <... prctl resumed>) = 0 [pid 5182] <... memfd_create resumed>) = 3 [pid 5181] <... close resumed>) = 0 [pid 5183] setpgid(0, 0 [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5181] symlink("/dev/binderfs", "./binderfs" [pid 5182] <... mmap resumed>) = 0x7f6220e00000 [pid 5183] <... setpgid resumed>) = 0 [pid 5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5181] <... symlink resumed>) = 0 [pid 5183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5180] munmap(0x7f6220e00000, 138412032 [pid 5179] <... open resumed>) = 5 [pid 5180] <... munmap resumed>) = 0 [pid 5183] <... openat resumed>) = 3 [pid 5180] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5179] ftruncate(5, 0 [pid 5183] write(3, "1000", 4 [pid 5180] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5179] <... ftruncate resumed>) = 0 [pid 5180] close(5 [pid 5183] <... write resumed>) = 4 [pid 5181] memfd_create("syzkaller", 0 [pid 5180] <... close resumed>) = 0 [pid 5179] exit_group(0 [pid 5183] close(3 [pid 5182] <... write resumed>) = 524288 [pid 5179] <... exit_group resumed>) = ? [pid 5183] <... close resumed>) = 0 [pid 5180] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5183] symlink("/dev/binderfs", "./binderfs" [pid 5179] +++ exited with 0 +++ [pid 5090] <... ioctl resumed>) = 0 [pid 5182] munmap(0x7f6220e00000, 138412032 [pid 5183] <... symlink resumed>) = 0 [pid 5182] <... munmap resumed>) = 0 [pid 5181] <... memfd_create resumed>) = 3 [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5179, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5183] memfd_create("syzkaller", 0 [pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5180] <... open resumed>) = 5 [pid 5092] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5183] <... memfd_create resumed>) = 3 [pid 5182] <... openat resumed>) = 4 [pid 5181] <... mmap resumed>) = 0x7f6220e00000 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5182] ioctl(4, LOOP_SET_FD, 3 [pid 5092] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5183] <... mmap resumed>) = 0x7f6220e00000 [pid 5181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5180] ftruncate(5, 0) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5180] exit_group(0 [pid 5092] newfstatat(3, "", [pid 5180] <... exit_group resumed>) = ? [pid 5183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5180] +++ exited with 0 +++ [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5092] getdents64(3, [pid 5090] close(3) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5184 [pid 5095] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5184 attached [pid 5184] set_robust_list(0x5555645e8660, 24) = 0 [pid 5184] chdir("./13") = 0 [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5182] <... ioctl resumed>) = 0 [pid 5184] <... prctl resumed>) = 0 [pid 5184] setpgid(0, 0 [pid 5182] close(3) = 0 [pid 5182] close(4 [pid 5181] <... write resumed>) = 524288 [pid 5095] <... umount2 resumed>) = 0 [pid 5182] <... close resumed>) = 0 [pid 5182] mkdir("./bus", 0777) = 0 [pid 5184] <... setpgid resumed>) = 0 [pid 5182] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5181] munmap(0x7f6220e00000, 138412032 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5181] <... munmap resumed>) = 0 [ 121.404918][ T5182] loop0: detected capacity change from 0 to 1024 [pid 5181] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5092] <... umount2 resumed>) = 0 [pid 5184] <... openat resumed>) = 3 [pid 5181] <... openat resumed>) = 4 [pid 5183] <... write resumed>) = 524288 [pid 5181] ioctl(4, LOOP_SET_FD, 3 [pid 5092] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5184] write(3, "1000", 4 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5184] <... write resumed>) = 4 [pid 5184] close(3 [pid 5095] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5184] <... close resumed>) = 0 [pid 5095] newfstatat(AT_FDCWD, "./13/bus", [pid 5184] symlink("/dev/binderfs", "./binderfs" [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5184] <... symlink resumed>) = 0 [pid 5095] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5092] newfstatat(AT_FDCWD, "./13/bus", [pid 5184] memfd_create("syzkaller", 0 [pid 5183] munmap(0x7f6220e00000, 138412032 [pid 5182] <... mount resumed>) = 0 [pid 5181] <... ioctl resumed>) = 0 [pid 5095] newfstatat(4, "", [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5184] <... memfd_create resumed>) = 3 [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5092] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] getdents64(4, [pid 5183] <... munmap resumed>) = 0 [pid 5184] <... mmap resumed>) = 0x7f6220e00000 [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5183] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5181] close(3 [pid 5095] getdents64(4, [pid 5092] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5183] <... openat resumed>) = 4 [pid 5182] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5181] <... close resumed>) = 0 [pid 5183] ioctl(4, LOOP_SET_FD, 3 [pid 5095] close(4 [pid 5092] <... openat resumed>) = 4 [pid 5181] close(4 [pid 5182] <... openat resumed>) = 3 [pid 5095] <... close resumed>) = 0 [pid 5182] chdir("./bus" [pid 5095] rmdir("./13/bus" [pid 5182] <... chdir resumed>) = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5095] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5182] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5182] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5095] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5182] <... symlink resumed>) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5095] unlink("./13/binderfs") = 0 [pid 5095] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5182] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5181] <... close resumed>) = 0 [pid 5095] rmdir("./13" [pid 5092] newfstatat(4, "", [pid 5181] mkdir("./bus", 0777 [pid 5095] <... rmdir resumed>) = 0 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] mkdir("./14", 0777) = 0 [pid 5182] <... creat resumed>) = 4 [pid 5182] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5092] getdents64(4, [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5182] memfd_create("syzkaller", 0) = 5 [pid 5181] <... mkdir resumed>) = 0 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5181] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5184] <... write resumed>) = 524288 [pid 5183] <... ioctl resumed>) = 0 [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] getdents64(4, [pid 5183] close(3 [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5092] close(4 [pid 5183] <... close resumed>) = 0 [pid 5182] <... mmap resumed>) = 0x7f6220e00000 [pid 5092] <... close resumed>) = 0 [pid 5183] close(4 [pid 5182] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] rmdir("./13/bus" [pid 5183] <... close resumed>) = 0 [pid 5183] mkdir("./bus", 0777 [pid 5092] <... rmdir resumed>) = 0 [pid 5184] munmap(0x7f6220e00000, 138412032) = 0 [pid 5183] <... mkdir resumed>) = 0 [pid 5092] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] unlink("./13/binderfs") = 0 [ 121.458229][ T5181] loop2: detected capacity change from 0 to 1024 [ 121.484684][ T5183] loop4: detected capacity change from 0 to 1024 [pid 5184] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5183] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5181] <... mount resumed>) = 0 [pid 5092] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5184] <... openat resumed>) = 4 [pid 5182] <... write resumed>) = 524288 [pid 5181] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5092] close(3) = 0 [pid 5181] <... openat resumed>) = 3 [pid 5092] rmdir("./13" [pid 5184] ioctl(4, LOOP_SET_FD, 3 [pid 5092] <... rmdir resumed>) = 0 [pid 5092] mkdir("./14", 0777 [pid 5183] <... mount resumed>) = 0 [pid 5182] munmap(0x7f6220e00000, 138412032 [pid 5181] chdir("./bus" [pid 5092] <... mkdir resumed>) = 0 [pid 5183] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5182] <... munmap resumed>) = 0 [pid 5181] <... chdir resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5183] <... openat resumed>) = 3 [pid 5181] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] <... ioctl resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5181] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5182] close(5 [pid 5183] chdir("./bus" [pid 5181] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5183] <... chdir resumed>) = 0 [pid 5183] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5182] <... close resumed>) = 0 [pid 5095] close(3) = 0 [pid 5184] <... ioctl resumed>) = 0 [pid 5183] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5182] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5181] <... symlink resumed>) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5183] <... symlink resumed>) = 0 [pid 5181] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5184] close(3) = 0 [ 121.550299][ T5184] loop1: detected capacity change from 0 to 1024 [pid 5184] close(4) = 0 [pid 5183] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5184] mkdir("./bus", 0777 [pid 5182] <... open resumed>) = 5 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5185 [pid 5184] <... mkdir resumed>) = 0 [pid 5184] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5092] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5185 attached [pid 5182] ftruncate(5, 0 [pid 5185] set_robust_list(0x5555645e8660, 24 [pid 5182] <... ftruncate resumed>) = 0 [pid 5185] <... set_robust_list resumed>) = 0 [pid 5182] exit_group(0 [pid 5181] <... creat resumed>) = 4 [pid 5185] chdir("./14" [pid 5181] rename("./bus", "./file2" [pid 5185] <... chdir resumed>) = 0 [pid 5185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5182] <... exit_group resumed>) = ? [pid 5181] <... rename resumed>) = -1 EEXIST (File exists) [pid 5183] <... creat resumed>) = 4 [pid 5181] memfd_create("syzkaller", 0 [pid 5092] close(3 [pid 5183] rename("./bus", "./file2" [pid 5181] <... memfd_create resumed>) = 5 [pid 5092] <... close resumed>) = 0 [pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5185] setpgid(0, 0) = 0 [pid 5181] <... mmap resumed>) = 0x7f6220e00000 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5185] write(3, "1000", 4) = 4 [pid 5185] close(3 [pid 5184] <... mount resumed>) = 0 [pid 5182] +++ exited with 0 +++ [pid 5185] <... close resumed>) = 0 [pid 5184] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5185] symlink("/dev/binderfs", "./binderfs" [pid 5184] <... openat resumed>) = 3 [pid 5185] <... symlink resumed>) = 0 [pid 5181] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5184] chdir("./bus" [pid 5089] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5185] memfd_create("syzkaller", 0 [pid 5184] <... chdir resumed>) = 0 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5186 attached [pid 5185] <... memfd_create resumed>) = 3 [pid 5184] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5183] <... rename resumed>) = -1 EEXIST (File exists) [pid 5089] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5186] set_robust_list(0x5555645e8660, 24 [pid 5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5184] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5186 [pid 5089] <... openat resumed>) = 3 [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5186] <... set_robust_list resumed>) = 0 [pid 5184] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5186] chdir("./14" [pid 5183] memfd_create("syzkaller", 0) = 5 [pid 5186] <... chdir resumed>) = 0 [pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5185] <... mmap resumed>) = 0x7f6220e00000 [pid 5183] <... mmap resumed>) = 0x7f6220e00000 [pid 5181] <... write resumed>) = 524288 [pid 5186] <... prctl resumed>) = 0 [pid 5183] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5181] munmap(0x7f6220e00000, 138412032 [pid 5186] setpgid(0, 0) = 0 [pid 5185] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5184] <... symlink resumed>) = 0 [pid 5181] <... munmap resumed>) = 0 [pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5181] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5184] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5181] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5186] write(3, "1000", 4 [pid 5181] close(5 [pid 5089] <... umount2 resumed>) = 0 [pid 5186] <... write resumed>) = 4 [pid 5186] close(3 [pid 5181] <... close resumed>) = 0 [pid 5089] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5186] <... close resumed>) = 0 [pid 5184] <... creat resumed>) = 4 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5186] symlink("/dev/binderfs", "./binderfs" [pid 5184] rename("./bus", "./file2" [pid 5186] <... symlink resumed>) = 0 [pid 5089] newfstatat(AT_FDCWD, "./13/bus", [pid 5186] memfd_create("syzkaller", 0 [pid 5184] <... rename resumed>) = -1 EEXIST (File exists) [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5186] <... memfd_create resumed>) = 3 [pid 5185] <... write resumed>) = 524288 [pid 5183] <... write resumed>) = 524288 [pid 5181] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5089] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... openat resumed>) = 4 [pid 5185] munmap(0x7f6220e00000, 138412032 [pid 5184] memfd_create("syzkaller", 0 [pid 5186] <... mmap resumed>) = 0x7f6220e00000 [pid 5089] newfstatat(4, "", [pid 5185] <... munmap resumed>) = 0 [pid 5184] <... memfd_create resumed>) = 5 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5184] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5183] munmap(0x7f6220e00000, 138412032 [pid 5089] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5185] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5185] ioctl(4, LOOP_SET_FD, 3 [pid 5186] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5183] <... munmap resumed>) = 0 [pid 5181] <... open resumed>) = 5 [pid 5089] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5181] ftruncate(5, 0 [pid 5089] close(4 [pid 5184] <... write resumed>) = 524288 [pid 5186] <... write resumed>) = 524288 [pid 5181] <... ftruncate resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5183] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5181] exit_group(0 [pid 5185] <... ioctl resumed>) = 0 [pid 5185] close(3) = 0 [pid 5183] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] rmdir("./13/bus" [pid 5185] close(4 [pid 5183] close(5 [pid 5181] <... exit_group resumed>) = ? [pid 5089] <... rmdir resumed>) = 0 [pid 5185] <... close resumed>) = 0 [pid 5185] mkdir("./bus", 0777 [pid 5183] <... close resumed>) = 0 [pid 5181] +++ exited with 0 +++ [pid 5089] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5186] munmap(0x7f6220e00000, 138412032 [pid 5185] <... mkdir resumed>) = 0 [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5091] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5186] <... munmap resumed>) = 0 [pid 5185] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5091] <... openat resumed>) = 3 [pid 5089] unlink("./13/binderfs" [pid 5184] munmap(0x7f6220e00000, 138412032 [pid 5183] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5091] newfstatat(3, "", [pid 5184] <... munmap resumed>) = 0 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... unlink resumed>) = 0 [ 121.721166][ T5185] loop5: detected capacity change from 0 to 1024 [pid 5091] getdents64(3, [pid 5089] getdents64(3, [pid 5185] <... mount resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5185] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5091] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5186] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5185] <... openat resumed>) = 3 [pid 5184] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5186] <... openat resumed>) = 4 [pid 5184] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] close(3 [pid 5186] ioctl(4, LOOP_SET_FD, 3 [pid 5184] close(5 [pid 5186] <... ioctl resumed>) = 0 [pid 5185] chdir("./bus" [pid 5184] <... close resumed>) = 0 [pid 5091] <... umount2 resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5091] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] rmdir("./13" [pid 5185] <... chdir resumed>) = 0 [pid 5183] <... open resumed>) = 5 [pid 5089] <... rmdir resumed>) = 0 [pid 5185] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5089] mkdir("./14", 0777 [pid 5185] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5183] ftruncate(5, 0) = 0 [pid 5183] exit_group(0) = ? [pid 5185] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5183] +++ exited with 0 +++ [pid 5089] <... mkdir resumed>) = 0 [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5183, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5091] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5094] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... openat resumed>) = 4 [pid 5089] <... openat resumed>) = 3 [pid 5091] newfstatat(4, "", [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] getdents64(4, [pid 5094] <... openat resumed>) = 3 [pid 5094] newfstatat(3, "", [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5091] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] <... close resumed>) = 0 [pid 5094] getdents64(3, [pid 5091] rmdir("./13/bus" [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5091] <... rmdir resumed>) = 0 [pid 5091] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5185] <... symlink resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] unlink("./13/binderfs") = 0 [pid 5186] close(3 [pid 5185] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5184] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5186] <... close resumed>) = 0 [pid 5186] close(4) = 0 [pid 5186] mkdir("./bus", 0777 [pid 5091] getdents64(3, [pid 5186] <... mkdir resumed>) = 0 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5091] close(3) = 0 [pid 5091] rmdir("./13" [pid 5186] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5091] <... rmdir resumed>) = 0 [pid 5091] mkdir("./14", 0777) = 0 [pid 5094] <... umount2 resumed>) = 0 [ 121.789193][ T5186] loop3: detected capacity change from 0 to 1024 [pid 5094] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5094] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5094] <... openat resumed>) = 4 [pid 5089] <... ioctl resumed>) = 0 [pid 5185] <... creat resumed>) = 4 [pid 5184] <... open resumed>) = 5 [pid 5094] newfstatat(4, "", [pid 5185] rename("./bus", "./file2" [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] getdents64(4, [pid 5184] ftruncate(5, 0 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5184] <... ftruncate resumed>) = 0 [pid 5094] getdents64(4, [pid 5089] close(3 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5186] <... mount resumed>) = 0 [pid 5185] <... rename resumed>) = -1 EEXIST (File exists) [pid 5184] exit_group(0 [pid 5094] close(4 [pid 5089] <... close resumed>) = 0 [pid 5185] memfd_create("syzkaller", 0 [pid 5184] <... exit_group resumed>) = ? [pid 5185] <... memfd_create resumed>) = 5 [pid 5184] +++ exited with 0 +++ [pid 5186] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5186] <... openat resumed>) = 3 [pid 5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5185] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5090] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5090] newfstatat(3, "", [pid 5186] chdir("./bus" [pid 5090] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5186] <... chdir resumed>) = 0 [pid 5090] getdents64(3, [pid 5186] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5186] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5090] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5186] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0 [pid 5186] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5094] <... close resumed>) = 0 [pid 5091] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5187 attached [pid 5094] rmdir("./13/bus" [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5187 [pid 5187] set_robust_list(0x5555645e8660, 24) = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5187] chdir("./14" [pid 5094] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] close(3 [pid 5090] <... umount2 resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5094] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5186] <... creat resumed>) = 4 [pid 5186] rename("./bus", "./file2" [pid 5094] unlink("./13/binderfs" [pid 5090] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./13/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5187] <... chdir resumed>) = 0 [pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5188 attached ) = 0 [pid 5094] <... unlink resumed>) = 0 [pid 5090] umount2("./13/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5188] set_robust_list(0x5555645e8660, 24 [pid 5187] setpgid(0, 0 [pid 5185] <... write resumed>) = 524288 [pid 5094] getdents64(3, [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5188 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5186] <... rename resumed>) = -1 EEXIST (File exists) [pid 5187] <... setpgid resumed>) = 0 [pid 5188] <... set_robust_list resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5090] openat(AT_FDCWD, "./13/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5186] memfd_create("syzkaller", 0 [pid 5188] chdir("./14" [pid 5186] <... memfd_create resumed>) = 5 [pid 5094] close(3 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5188] <... chdir resumed>) = 0 [pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5186] <... mmap resumed>) = 0x7f6220e00000 [pid 5094] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5187] <... openat resumed>) = 3 [pid 5094] rmdir("./13" [pid 5090] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5188] <... prctl resumed>) = 0 [pid 5187] write(3, "1000", 4 [pid 5186] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5094] <... rmdir resumed>) = 0 [pid 5090] getdents64(4, [pid 5188] setpgid(0, 0 [pid 5187] <... write resumed>) = 4 [pid 5094] mkdir("./14", 0777 [pid 5188] <... setpgid resumed>) = 0 [pid 5187] close(3 [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5187] <... close resumed>) = 0 [pid 5090] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5185] munmap(0x7f6220e00000, 138412032 [pid 5090] rmdir("./13/bus" [pid 5187] symlink("/dev/binderfs", "./binderfs" [pid 5185] <... munmap resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5187] <... symlink resumed>) = 0 [pid 5185] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5090] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5188] <... openat resumed>) = 3 [pid 5185] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5090] unlink("./13/binderfs" [pid 5094] <... openat resumed>) = 3 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5185] close(5 [pid 5090] <... unlink resumed>) = 0 [pid 5188] write(3, "1000", 4 [pid 5187] memfd_create("syzkaller", 0 [pid 5188] <... write resumed>) = 4 [pid 5187] <... memfd_create resumed>) = 3 [pid 5185] <... close resumed>) = 0 [pid 5090] getdents64(3, [pid 5188] close(3 [pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5188] <... close resumed>) = 0 [pid 5188] symlink("/dev/binderfs", "./binderfs" [pid 5187] <... mmap resumed>) = 0x7f6220e00000 [pid 5186] <... write resumed>) = 524288 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5185] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5090] close(3) = 0 [pid 5090] rmdir("./13" [pid 5188] <... symlink resumed>) = 0 [pid 5187] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5090] <... rmdir resumed>) = 0 [pid 5090] mkdir("./14", 0777) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5188] memfd_create("syzkaller", 0 [pid 5090] <... openat resumed>) = 3 [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5188] <... memfd_create resumed>) = 3 [pid 5187] <... write resumed>) = 524288 [pid 5185] <... open resumed>) = 5 [pid 5185] ftruncate(5, 0 [pid 5186] munmap(0x7f6220e00000, 138412032 [pid 5185] <... ftruncate resumed>) = 0 [pid 5186] <... munmap resumed>) = 0 [pid 5185] exit_group(0 [pid 5186] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5185] <... exit_group resumed>) = ? [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5185] +++ exited with 0 +++ [pid 5094] <... ioctl resumed>) = 0 [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5185, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5188] <... mmap resumed>) = 0x7f6220e00000 [pid 5095] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5095] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5095] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5095] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5186] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5186] close(5 [pid 5187] munmap(0x7f6220e00000, 138412032 [pid 5186] <... close resumed>) = 0 [pid 5187] <... munmap resumed>) = 0 [pid 5188] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5187] ioctl(4, LOOP_SET_FD, 3 [pid 5095] <... umount2 resumed>) = 0 [pid 5094] close(3) = 0 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5186] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5189 attached [pid 5188] <... write resumed>) = 524288 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... ioctl resumed>) = 0 [pid 5095] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5186] <... open resumed>) = 5 [pid 5095] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5189 [pid 5189] set_robust_list(0x5555645e8660, 24) = 0 [pid 5186] ftruncate(5, 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5189] chdir("./14" [pid 5186] <... ftruncate resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5189] <... chdir resumed>) = 0 [pid 5186] exit_group(0 [pid 5095] <... openat resumed>) = 4 [pid 5189] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5188] munmap(0x7f6220e00000, 138412032 [pid 5189] <... prctl resumed>) = 0 [pid 5186] <... exit_group resumed>) = ? [pid 5095] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5095] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5189] setpgid(0, 0 [pid 5188] <... munmap resumed>) = 0 [pid 5186] +++ exited with 0 +++ [pid 5095] close(4) = 0 [pid 5095] rmdir("./14/bus" [pid 5189] <... setpgid resumed>) = 0 [pid 5188] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] <... rmdir resumed>) = 0 [pid 5095] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5187] <... ioctl resumed>) = 0 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5092] restart_syscall(<... resuming interrupted clone ...> [pid 5090] close(3 [pid 5189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5187] close(3 [pid 5095] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5092] <... restart_syscall resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5188] <... openat resumed>) = 4 [pid 5187] <... close resumed>) = 0 [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5189] <... openat resumed>) = 3 [pid 5188] ioctl(4, LOOP_SET_FD, 3 [pid 5187] close(4 [pid 5095] unlink("./14/binderfs" [pid 5187] <... close resumed>) = 0 [pid 5095] <... unlink resumed>) = 0 [pid 5092] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5187] mkdir("./bus", 0777 [pid 5095] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] close(3) = 0 [pid 5187] <... mkdir resumed>) = 0 [pid 5095] rmdir("./14"./strace-static-x86_64: Process 5190 attached [pid 5187] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5095] <... rmdir resumed>) = 0 [pid 5189] write(3, "1000", 4 [pid 5188] <... ioctl resumed>) = 0 [pid 5095] mkdir("./15", 0777 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5190 [pid 5092] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5189] <... write resumed>) = 4 [pid 5188] close(3 [pid 5095] <... mkdir resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5190] set_robust_list(0x5555645e8660, 24) = 0 [pid 5092] newfstatat(3, "", [pid 5190] chdir("./14" [pid 5188] <... close resumed>) = 0 [pid 5189] close(3 [pid 5188] close(4 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5190] <... chdir resumed>) = 0 [pid 5189] <... close resumed>) = 0 [pid 5188] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5092] getdents64(3, [pid 5189] symlink("/dev/binderfs", "./binderfs" [pid 5188] mkdir("./bus", 0777 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5188] <... mkdir resumed>) = 0 [pid 5190] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5189] <... symlink resumed>) = 0 [pid 5188] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5095] <... openat resumed>) = 3 [pid 5092] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5190] <... prctl resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5190] setpgid(0, 0) = 0 [pid 5190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5187] <... mount resumed>) = 0 [pid 5190] write(3, "1000", 4 [pid 5187] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5189] memfd_create("syzkaller", 0 [pid 5187] <... openat resumed>) = 3 [pid 5187] chdir("./bus") = 0 [pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 122.031052][ T5187] loop0: detected capacity change from 0 to 1024 [ 122.069472][ T5188] loop2: detected capacity change from 0 to 1024 [pid 5187] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5189] <... memfd_create resumed>) = 3 [pid 5188] <... mount resumed>) = 0 [pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5188] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5190] <... write resumed>) = 4 [pid 5189] <... mmap resumed>) = 0x7f6220e00000 [pid 5188] <... openat resumed>) = 3 [pid 5187] <... symlink resumed>) = 0 [pid 5190] close(3) = 0 [pid 5190] symlink("/dev/binderfs", "./binderfs" [pid 5188] chdir("./bus" [pid 5187] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5190] <... symlink resumed>) = 0 [pid 5188] <... chdir resumed>) = 0 [pid 5190] memfd_create("syzkaller", 0 [pid 5189] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5188] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5187] <... creat resumed>) = 4 [pid 5187] rename("./bus", "./file2" [pid 5190] <... memfd_create resumed>) = 3 [pid 5188] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5187] <... rename resumed>) = -1 EEXIST (File exists) [pid 5095] <... ioctl resumed>) = 0 [pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5190] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5187] memfd_create("syzkaller", 0) = 5 [pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5187] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5189] <... write resumed>) = 524288 [pid 5188] <... symlink resumed>) = 0 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5190] <... write resumed>) = 524288 [pid 5095] close(3 [pid 5189] munmap(0x7f6220e00000, 138412032 [pid 5188] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5095] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5187] <... write resumed>) = 524288 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... openat resumed>) = 4 [pid 5189] <... munmap resumed>) = 0 [pid 5092] newfstatat(4, "", [pid 5190] munmap(0x7f6220e00000, 138412032) = 0 [pid 5188] <... creat resumed>) = 4 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5191 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5188] rename("./bus", "./file2" [pid 5092] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5191 attached [pid 5190] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5187] munmap(0x7f6220e00000, 138412032 [pid 5191] set_robust_list(0x5555645e8660, 24 [pid 5190] <... openat resumed>) = 4 [pid 5187] <... munmap resumed>) = 0 [pid 5092] getdents64(4, [pid 5191] <... set_robust_list resumed>) = 0 [pid 5191] chdir("./15") = 0 [pid 5191] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5188] <... rename resumed>) = -1 EEXIST (File exists) [pid 5189] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] close(4 [pid 5191] <... prctl resumed>) = 0 [pid 5190] ioctl(4, LOOP_SET_FD, 3 [pid 5191] setpgid(0, 0) = 0 [pid 5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5189] <... openat resumed>) = 4 [pid 5188] memfd_create("syzkaller", 0 [pid 5092] <... close resumed>) = 0 [pid 5191] <... openat resumed>) = 3 [pid 5092] rmdir("./14/bus" [pid 5191] write(3, "1000", 4) = 4 [pid 5189] ioctl(4, LOOP_SET_FD, 3 [pid 5188] <... memfd_create resumed>) = 5 [pid 5092] <... rmdir resumed>) = 0 [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5092] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5191] close(3 [pid 5187] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5191] <... close resumed>) = 0 [pid 5187] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5187] close(5 [pid 5188] <... mmap resumed>) = 0x7f6220e00000 [pid 5092] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5191] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5191] memfd_create("syzkaller", 0 [pid 5188] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] unlink("./14/binderfs" [pid 5187] <... close resumed>) = 0 [pid 5092] <... unlink resumed>) = 0 [pid 5191] <... memfd_create resumed>) = 3 [pid 5190] <... ioctl resumed>) = 0 [pid 5092] getdents64(3, [pid 5191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5190] close(3 [pid 5191] <... mmap resumed>) = 0x7f6220e00000 [pid 5190] <... close resumed>) = 0 [pid 5190] close(4 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5092] close(3) = 0 [pid 5092] rmdir("./14" [pid 5190] <... close resumed>) = 0 [pid 5190] mkdir("./bus", 0777 [pid 5092] <... rmdir resumed>) = 0 [pid 5190] <... mkdir resumed>) = 0 [pid 5187] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5092] mkdir("./15", 0777 [pid 5190] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5092] <... mkdir resumed>) = 0 [pid 5191] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5189] <... ioctl resumed>) = 0 [pid 5189] close(3) = 0 [pid 5189] close(4) = 0 [pid 5189] mkdir("./bus", 0777) = 0 [pid 5189] mount("/dev/loop4", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5190] <... mount resumed>) = 0 [pid 5190] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5190] chdir("./bus") = 0 [ 122.200793][ T5190] loop1: detected capacity change from 0 to 1024 [ 122.208096][ T5189] loop4: detected capacity change from 0 to 1024 [pid 5191] <... write resumed>) = 524288 [pid 5190] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5189] <... mount resumed>) = 0 [pid 5188] <... write resumed>) = 524288 [pid 5187] <... open resumed>) = 5 [pid 5189] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5190] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5189] <... openat resumed>) = 3 [ 122.257636][ T28] kauditd_printk_skb: 35 callbacks suppressed [ 122.257659][ T28] audit: type=1800 audit(1713724092.608:88): pid=5187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop0" ino=20 res=0 errno=0 [pid 5187] ftruncate(5, 0 [pid 5189] chdir("./bus" [pid 5187] <... ftruncate resumed>) = 0 [pid 5189] <... chdir resumed>) = 0 [pid 5187] exit_group(0 [pid 5191] munmap(0x7f6220e00000, 138412032 [pid 5187] <... exit_group resumed>) = ? [pid 5191] <... munmap resumed>) = 0 [pid 5187] +++ exited with 0 +++ [pid 5191] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5191] <... openat resumed>) = 4 [pid 5191] ioctl(4, LOOP_SET_FD, 3 [pid 5189] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5188] munmap(0x7f6220e00000, 138412032 [pid 5089] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5189] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5089] newfstatat(3, "", [pid 5189] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5188] <... munmap resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5191] <... ioctl resumed>) = 0 [pid 5190] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") = 0 [pid 5188] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5089] <... umount2 resumed>) = 0 [pid 5190] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5188] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5191] close(3 [pid 5190] <... creat resumed>) = 4 [pid 5191] <... close resumed>) = 0 [pid 5190] rename("./bus", "./file2" [pid 5188] close(5 [pid 5191] close(4 [pid 5190] <... rename resumed>) = -1 EEXIST (File exists) [pid 5189] <... symlink resumed>) = 0 [pid 5191] <... close resumed>) = 0 [pid 5190] memfd_create("syzkaller", 0 [pid 5191] mkdir("./bus", 0777 [pid 5190] <... memfd_create resumed>) = 5 [pid 5191] <... mkdir resumed>) = 0 [pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5191] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5190] <... mmap resumed>) = 0x7f6220e00000 [pid 5190] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5189] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5188] <... close resumed>) = 0 [ 122.302688][ T5191] loop5: detected capacity change from 0 to 1024 [pid 5191] <... mount resumed>) = 0 [pid 5191] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5191] chdir("./bus") = 0 [pid 5089] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5191] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5191] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5089] newfstatat(AT_FDCWD, "./14/bus", [pid 5191] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5092] <... ioctl resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5191] <... symlink resumed>) = 0 [pid 5191] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5089] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5191] <... creat resumed>) = 4 [pid 5189] <... creat resumed>) = 4 [pid 5092] close(3 [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5191] rename("./bus", "./file2" [pid 5089] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5189] rename("./bus", "./file2" [pid 5092] <... close resumed>) = 0 [pid 5188] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5089] <... openat resumed>) = 4 [pid 5191] <... rename resumed>) = -1 EEXIST (File exists) [pid 5190] <... write resumed>) = 524288 [pid 5189] <... rename resumed>) = -1 EEXIST (File exists) [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, [pid 5191] memfd_create("syzkaller", 0 [pid 5089] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5191] <... memfd_create resumed>) = 5 [pid 5089] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./14/bus") = 0 [pid 5089] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./14/binderfs") = 0 [pid 5089] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./14") = 0 [pid 5089] mkdir("./15", 0777 [pid 5189] memfd_create("syzkaller", 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5189] <... memfd_create resumed>) = 5 [pid 5191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5191] <... mmap resumed>) = 0x7f6220e00000 [pid 5089] <... openat resumed>) = 3 [pid 5191] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5189] <... mmap resumed>) = 0x7f6220e00000 [pid 5092] <... clone resumed>, child_tidptr=0x5555645e8650) = 5192 [pid 5089] ioctl(3, LOOP_CLR_FD) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5188] <... open resumed>) = 5 ./strace-static-x86_64: Process 5192 attached [pid 5192] set_robust_list(0x5555645e8660, 24 [pid 5190] munmap(0x7f6220e00000, 138412032 [pid 5192] <... set_robust_list resumed>) = 0 [pid 5190] <... munmap resumed>) = 0 [pid 5192] chdir("./15") = 0 [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5193 [pid 5192] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5190] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5193 attached [pid 5192] setpgid(0, 0 [pid 5190] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5189] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5188] ftruncate(5, 0 [pid 5191] <... write resumed>) = 524288 [pid 5188] <... ftruncate resumed>) = 0 [pid 5192] <... setpgid resumed>) = 0 [pid 5192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5193] set_robust_list(0x5555645e8660, 24) = 0 [pid 5193] chdir("./15" [pid 5192] <... openat resumed>) = 3 [pid 5190] close(5 [pid 5188] exit_group(0 [pid 5193] <... chdir resumed>) = 0 [pid 5188] <... exit_group resumed>) = ? [pid 5193] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5193] setpgid(0, 0) = 0 [pid 5190] <... close resumed>) = 0 [pid 5188] +++ exited with 0 +++ [pid 5193] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5193] <... openat resumed>) = 3 [pid 5193] write(3, "1000", 4) = 4 [pid 5192] write(3, "1000", 4 [pid 5191] munmap(0x7f6220e00000, 138412032 [pid 5091] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5191] <... munmap resumed>) = 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5192] <... write resumed>) = 4 [pid 5091] newfstatat(3, "", [pid 5192] close(3 [pid 5191] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5192] <... close resumed>) = 0 [pid 5191] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5091] getdents64(3, [pid 5193] close(3 [pid 5191] close(5 [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5193] <... close resumed>) = 0 [pid 5091] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5193] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5192] symlink("/dev/binderfs", "./binderfs" [pid 5193] memfd_create("syzkaller", 0) = 3 [pid 5192] <... symlink resumed>) = 0 [pid 5193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [ 122.394095][ T28] audit: type=1800 audit(1713724092.738:89): pid=5188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop2" ino=20 res=0 errno=0 [pid 5193] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5189] <... write resumed>) = 524288 [pid 5192] memfd_create("syzkaller", 0) = 3 [pid 5191] <... close resumed>) = 0 [pid 5190] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5192] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5190] <... open resumed>) = 5 [pid 5190] ftruncate(5, 0) = 0 [pid 5190] exit_group(0 [pid 5189] munmap(0x7f6220e00000, 138412032 [pid 5190] <... exit_group resumed>) = ? [pid 5190] +++ exited with 0 +++ [pid 5189] <... munmap resumed>) = 0 [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5190, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5090] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5189] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5091] <... umount2 resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5189] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5090] <... openat resumed>) = 3 [pid 5090] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] getdents64(3, [pid 5189] close(5 [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5090] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5189] <... close resumed>) = 0 [pid 5090] <... umount2 resumed>) = 0 [pid 5090] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./14/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5191] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5090] <... openat resumed>) = 4 [pid 5090] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5192] <... write resumed>) = 524288 [pid 5090] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] getdents64(4, [pid 5193] <... write resumed>) = 524288 [pid 5191] <... open resumed>) = 5 [pid 5189] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5091] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5090] close(4) = 0 [pid 5090] rmdir("./14/bus" [pid 5191] ftruncate(5, 0 [pid 5090] <... rmdir resumed>) = 0 [pid 5191] <... ftruncate resumed>) = 0 [pid 5090] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] unlink("./14/binderfs") = 0 [pid 5090] getdents64(3, [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5191] exit_group(0 [pid 5090] close(3) = 0 [pid 5090] rmdir("./14" [pid 5091] newfstatat(AT_FDCWD, "./14/bus", [pid 5090] <... rmdir resumed>) = 0 [pid 5090] mkdir("./15", 0777 [pid 5191] <... exit_group resumed>) = ? [pid 5189] <... open resumed>) = 5 [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5192] munmap(0x7f6220e00000, 138412032) = 0 [pid 5091] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5189] ftruncate(5, 0 [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5193] munmap(0x7f6220e00000, 138412032 [pid 5091] <... openat resumed>) = 4 [pid 5193] <... munmap resumed>) = 0 [pid 5091] newfstatat(4, "", [pid 5192] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5091] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5192] <... openat resumed>) = 4 [pid 5189] <... ftruncate resumed>) = 0 [pid 5091] getdents64(4, [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5090] <... openat resumed>) = 3 [pid 5192] ioctl(4, LOOP_SET_FD, 3 [pid 5191] +++ exited with 0 +++ [pid 5091] getdents64(4, [pid 5090] ioctl(3, LOOP_CLR_FD [pid 5189] exit_group(0 [pid 5091] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5091] close(4 [pid 5193] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5189] <... exit_group resumed>) = ? [pid 5095] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5191, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5091] <... close resumed>) = 0 [pid 5091] rmdir("./14/bus" [pid 5193] <... openat resumed>) = 4 [pid 5091] <... rmdir resumed>) = 0 [pid 5193] ioctl(4, LOOP_SET_FD, 3 [pid 5095] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5189] +++ exited with 0 +++ [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5091] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5189, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5094] restart_syscall(<... resuming interrupted clone ...> [pid 5095] <... openat resumed>) = 3 [pid 5095] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] getdents64(3, 0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5094] <... restart_syscall resumed>) = 0 [pid 5091] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5095] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5192] <... ioctl resumed>) = 0 [pid 5192] close(3) = 0 [pid 5192] close(4) = 0 [pid 5193] <... ioctl resumed>) = 0 [pid 5192] mkdir("./bus", 0777 [pid 5193] close(3 [pid 5192] <... mkdir resumed>) = 0 [pid 5193] <... close resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5094] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5193] close(4) = 0 [pid 5193] mkdir("./bus", 0777 [pid 5192] mount("/dev/loop3", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5193] <... mkdir resumed>) = 0 [pid 5192] <... mount resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5091] unlink("./14/binderfs" [pid 5193] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5192] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5094] newfstatat(3, "", [pid 5091] <... unlink resumed>) = 0 [pid 5192] chdir("./bus") = 0 [pid 5192] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5091] getdents64(3, [pid 5192] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5094] getdents64(3, [pid 5091] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [ 122.517912][ T28] audit: type=1800 audit(1713724092.808:90): pid=5190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 122.551270][ T5192] loop3: detected capacity change from 0 to 1024 [ 122.560109][ T5193] loop0: detected capacity change from 0 to 1024 [pid 5091] close(3 [pid 5192] <... symlink resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5091] <... close resumed>) = 0 [pid 5090] <... ioctl resumed>) = 0 [pid 5192] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000) = 4 [pid 5091] rmdir("./14" [pid 5192] rename("./bus", "./file2") = -1 EEXIST (File exists) [pid 5095] <... umount2 resumed>) = 0 [pid 5091] <... rmdir resumed>) = 0 [pid 5094] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] mkdir("./15", 0777 [pid 5192] memfd_create("syzkaller", 0) = 5 [pid 5091] <... mkdir resumed>) = 0 [pid 5095] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5193] <... mount resumed>) = 0 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5091] <... openat resumed>) = 3 [pid 5090] close(3 [pid 5193] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5193] chdir("./bus") = 0 [pid 5193] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5091] ioctl(3, LOOP_CLR_FD [pid 5095] newfstatat(AT_FDCWD, "./15/bus", [pid 5192] <... mmap resumed>) = 0x7f6220e00000 [pid 5193] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5095] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... close resumed>) = 0 [pid 5193] <... symlink resumed>) = 0 [pid 5095] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5090] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5193] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5095] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5192] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5095] <... openat resumed>) = 4 [pid 5095] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] <... clone resumed>, child_tidptr=0x5555645e8650) = 5194 [ 122.602642][ T28] audit: type=1800 audit(1713724092.848:91): pid=5191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop5" ino=20 res=0 errno=0 [pid 5095] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5194 attached [pid 5194] set_robust_list(0x5555645e8660, 24) = 0 [pid 5193] <... creat resumed>) = 4 [pid 5194] chdir("./15" [pid 5193] rename("./bus", "./file2" [pid 5094] <... umount2 resumed>) = 0 [pid 5194] <... chdir resumed>) = 0 [pid 5193] <... rename resumed>) = -1 EEXIST (File exists) [pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5193] memfd_create("syzkaller", 0 [pid 5194] <... prctl resumed>) = 0 [pid 5193] <... memfd_create resumed>) = 5 [pid 5194] setpgid(0, 0 [pid 5193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5194] <... setpgid resumed>) = 0 [pid 5193] <... mmap resumed>) = 0x7f6220e00000 [pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5193] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5194] <... openat resumed>) = 3 [pid 5095] getdents64(4, [pid 5094] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5193] <... write resumed>) = 524288 [pid 5192] <... write resumed>) = 524288 [pid 5095] close(4 [pid 5094] newfstatat(AT_FDCWD, "./14/bus", [pid 5194] write(3, "1000", 4 [pid 5192] munmap(0x7f6220e00000, 138412032) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] umount2("./14/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5095] rmdir("./15/bus" [pid 5194] <... write resumed>) = 4 [pid 5194] close(3) = 0 [pid 5194] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5095] <... rmdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5194] memfd_create("syzkaller", 0 [pid 5095] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5194] <... memfd_create resumed>) = 3 [pid 5095] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5194] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5193] munmap(0x7f6220e00000, 138412032 [pid 5192] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5095] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5094] openat(AT_FDCWD, "./14/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5192] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5094] <... openat resumed>) = 4 [pid 5095] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5094] newfstatat(4, "", [pid 5192] close(5) = 0 [pid 5094] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5094] getdents64(4, [pid 5193] <... munmap resumed>) = 0 [pid 5095] unlink("./15/binderfs" [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5193] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5193] close(5 [pid 5095] <... unlink resumed>) = 0 [pid 5094] getdents64(4, [pid 5193] <... close resumed>) = 0 [pid 5094] <... getdents64 resumed>0x5555645f1730 /* 0 entries */, 32768) = 0 [ 122.655830][ T28] audit: type=1800 audit(1713724092.868:92): pid=5189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop4" ino=20 res=0 errno=0 [pid 5192] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5095] getdents64(3, [pid 5094] close(4 [pid 5095] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5094] <... close resumed>) = 0 [pid 5094] rmdir("./14/bus" [pid 5095] close(3) = 0 [pid 5095] rmdir("./15") = 0 [pid 5094] <... rmdir resumed>) = 0 [pid 5193] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000 [pid 5192] <... open resumed>) = 5 [pid 5095] mkdir("./16", 0777 [pid 5094] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5091] <... ioctl resumed>) = 0 [pid 5091] close(3 [pid 5194] <... write resumed>) = 524288 [pid 5192] ftruncate(5, 0 [pid 5095] <... mkdir resumed>) = 0 [pid 5094] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5091] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5091] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5192] <... ftruncate resumed>) = 0 [pid 5192] exit_group(0./strace-static-x86_64: Process 5195 attached [pid 5193] <... open resumed>) = 5 [pid 5192] <... exit_group resumed>) = ? [pid 5095] <... openat resumed>) = 3 [pid 5094] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5091] <... clone resumed>, child_tidptr=0x5555645e8650) = 5195 [pid 5094] unlink("./14/binderfs" [pid 5195] set_robust_list(0x5555645e8660, 24 [pid 5193] ftruncate(5, 0 [pid 5192] +++ exited with 0 +++ [pid 5094] <... unlink resumed>) = 0 [pid 5195] <... set_robust_list resumed>) = 0 [pid 5193] <... ftruncate resumed>) = 0 [pid 5095] ioctl(3, LOOP_CLR_FD [pid 5094] getdents64(3, [pid 5092] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5192, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5194] munmap(0x7f6220e00000, 138412032 [pid 5193] exit_group(0 [pid 5094] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5195] chdir("./15" [pid 5194] <... munmap resumed>) = 0 [pid 5193] <... exit_group resumed>) = ? [pid 5094] close(3 [pid 5195] <... chdir resumed>) = 0 [pid 5195] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5194] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5193] +++ exited with 0 +++ [pid 5094] <... close resumed>) = 0 [pid 5195] <... prctl resumed>) = 0 [pid 5195] setpgid(0, 0 [pid 5194] <... openat resumed>) = 4 [pid 5092] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5195] <... setpgid resumed>) = 0 [pid 5089] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5193, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5089] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5194] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... openat resumed>) = 3 [pid 5195] <... openat resumed>) = 3 [pid 5092] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5089] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5195] write(3, "1000", 4 [pid 5092] <... openat resumed>) = 3 [pid 5195] <... write resumed>) = 4 [ 122.722310][ T28] audit: type=1800 audit(1713724093.068:93): pid=5192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop3" ino=20 res=0 errno=0 [pid 5094] rmdir("./14" [pid 5092] newfstatat(3, "", [pid 5089] getdents64(3, [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5195] close(3 [pid 5094] <... rmdir resumed>) = 0 [pid 5092] getdents64(3, [pid 5089] <... umount2 resumed>) = 0 [pid 5195] <... close resumed>) = 0 [pid 5195] symlink("/dev/binderfs", "./binderfs" [pid 5094] mkdir("./15", 0777 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5089] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5092] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5089] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./15/bus", [pid 5195] <... symlink resumed>) = 0 [pid 5089] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5089] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5089] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5089] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5089] close(4) = 0 [pid 5089] rmdir("./15/bus") = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5089] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5089] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5089] unlink("./15/binderfs" [pid 5195] memfd_create("syzkaller", 0 [pid 5089] <... unlink resumed>) = 0 [pid 5089] getdents64(3, 0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5089] close(3) = 0 [pid 5089] rmdir("./15") = 0 [pid 5089] mkdir("./16", 0777) = 0 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5089] ioctl(3, LOOP_CLR_FD [pid 5194] <... ioctl resumed>) = 0 [pid 5195] <... memfd_create resumed>) = 3 [pid 5095] <... ioctl resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5092] <... umount2 resumed>) = 0 [pid 5092] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5194] close(3 [pid 5092] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5194] <... close resumed>) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5092] newfstatat(AT_FDCWD, "./15/bus", [pid 5195] <... mmap resumed>) = 0x7f6220e00000 [pid 5194] close(4 [pid 5094] ioctl(3, LOOP_CLR_FD [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5194] <... close resumed>) = 0 [pid 5092] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] openat(AT_FDCWD, "./15/bus", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5194] mkdir("./bus", 0777 [pid 5092] newfstatat(4, "", [pid 5194] <... mkdir resumed>) = 0 [pid 5095] close(3 [pid 5092] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5095] <... close resumed>) = 0 [pid 5092] getdents64(4, 0x5555645f1730 /* 2 entries */, 32768) = 48 [pid 5092] getdents64(4, 0x5555645f1730 /* 0 entries */, 32768) = 0 [pid 5095] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] close(4 [pid 5195] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] <... close resumed>) = 0 [pid 5092] rmdir("./15/bus") = 0 [pid 5194] mount("/dev/loop1", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5092] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5092] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5092] unlink("./15/binderfs") = 0 [ 122.785546][ T5194] loop1: detected capacity change from 0 to 1024 [ 122.787469][ T28] audit: type=1800 audit(1713724093.108:94): pid=5193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop0" ino=20 res=0 errno=0 [pid 5092] getdents64(3, [pid 5195] <... write resumed>) = 524288 [pid 5194] <... mount resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5089] close(3) = 0 [pid 5089] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5194] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY) = 3 [pid 5092] <... getdents64 resumed>0x5555645e96f0 /* 0 entries */, 32768) = 0 [pid 5095] <... clone resumed>, child_tidptr=0x5555645e8650) = 5196 [pid 5092] close(3) = 0 [pid 5194] chdir("./bus") = 0 [pid 5194] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5194] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5089] <... clone resumed>, child_tidptr=0x5555645e8650) = 5197 [pid 5092] rmdir("./15") = 0 ./strace-static-x86_64: Process 5196 attached [pid 5094] <... ioctl resumed>) = 0 [pid 5196] set_robust_list(0x5555645e8660, 24) = 0 [pid 5196] chdir("./16"./strace-static-x86_64: Process 5197 attached [pid 5197] set_robust_list(0x5555645e8660, 24) = 0 [pid 5197] chdir("./16") = 0 [pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5197] setpgid(0, 0) = 0 [pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5196] <... chdir resumed>) = 0 [pid 5194] <... symlink resumed>) = 0 [pid 5092] mkdir("./16", 0777 [pid 5195] munmap(0x7f6220e00000, 138412032 [pid 5092] <... mkdir resumed>) = 0 [pid 5197] <... openat resumed>) = 3 [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5195] <... munmap resumed>) = 0 [pid 5194] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5196] <... prctl resumed>) = 0 [pid 5196] setpgid(0, 0) = 0 [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5195] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5094] close(3 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5094] <... close resumed>) = 0 [pid 5197] write(3, "1000", 4 [pid 5195] <... openat resumed>) = 4 [pid 5094] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] <... openat resumed>) = 3 [pid 5197] <... write resumed>) = 4 [pid 5197] close(3) = 0 [pid 5197] symlink("/dev/binderfs", "./binderfs" [pid 5092] ioctl(3, LOOP_CLR_FD [pid 5197] <... symlink resumed>) = 0 [pid 5196] <... openat resumed>) = 3 [pid 5194] <... creat resumed>) = 4 [pid 5195] ioctl(4, LOOP_SET_FD, 3 [pid 5197] memfd_create("syzkaller", 0 [pid 5194] rename("./bus", "./file2" [pid 5196] write(3, "1000", 4 [pid 5197] <... memfd_create resumed>) = 3 [pid 5196] <... write resumed>) = 4 [pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5196] close(3 [pid 5194] <... rename resumed>) = -1 EEXIST (File exists) [pid 5197] <... mmap resumed>) = 0x7f6220e00000 [pid 5196] <... close resumed>) = 0 [pid 5196] symlink("/dev/binderfs", "./binderfs" [pid 5194] memfd_create("syzkaller", 0 [pid 5196] <... symlink resumed>) = 0 [pid 5194] <... memfd_create resumed>) = 5 [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5094] <... clone resumed>, child_tidptr=0x5555645e8650) = 5198 [pid 5196] memfd_create("syzkaller", 0) = 3 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 ./strace-static-x86_64: Process 5198 attached [pid 5198] set_robust_list(0x5555645e8660, 24 [pid 5197] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5198] <... set_robust_list resumed>) = 0 [pid 5196] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5198] chdir("./15" [pid 5195] <... ioctl resumed>) = 0 [pid 5194] write(5, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5198] <... chdir resumed>) = 0 [pid 5197] <... write resumed>) = 524288 [pid 5195] close(3 [pid 5198] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5195] <... close resumed>) = 0 [pid 5198] <... prctl resumed>) = 0 [ 122.891227][ T5195] loop2: detected capacity change from 0 to 1024 [pid 5195] close(4 [pid 5198] setpgid(0, 0 [pid 5196] <... write resumed>) = 524288 [pid 5195] <... close resumed>) = 0 [pid 5198] <... setpgid resumed>) = 0 [pid 5195] mkdir("./bus", 0777 [pid 5198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5195] <... mkdir resumed>) = 0 [pid 5194] <... write resumed>) = 524288 [pid 5198] <... openat resumed>) = 3 [pid 5197] munmap(0x7f6220e00000, 138412032 [pid 5196] munmap(0x7f6220e00000, 138412032 [pid 5195] mount("/dev/loop2", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5092] <... ioctl resumed>) = 0 [pid 5197] <... munmap resumed>) = 0 [pid 5196] <... munmap resumed>) = 0 [pid 5194] munmap(0x7f6220e00000, 138412032 [pid 5198] write(3, "1000", 4 [pid 5194] <... munmap resumed>) = 0 [pid 5198] <... write resumed>) = 4 [pid 5194] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5197] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5196] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5194] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5197] <... openat resumed>) = 4 [pid 5196] <... openat resumed>) = 4 [pid 5194] close(5 [pid 5197] ioctl(4, LOOP_SET_FD, 3 [pid 5196] ioctl(4, LOOP_SET_FD, 3 [pid 5194] <... close resumed>) = 0 [pid 5198] close(3 [pid 5092] close(3) = 0 [pid 5092] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555645e8650) = 5199 [pid 5194] open("./file1", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_DIRECT|O_NOATIME, 000./strace-static-x86_64: Process 5199 attached [pid 5199] set_robust_list(0x5555645e8660, 24) = 0 [ 122.984880][ T5196] loop5: detected capacity change from 0 to 1024 [ 122.991787][ T5197] loop0: detected capacity change from 0 to 1024 [pid 5199] chdir("./16") = 0 [pid 5199] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5198] <... close resumed>) = 0 [pid 5199] <... prctl resumed>) = 0 [pid 5199] setpgid(0, 0 [pid 5198] symlink("/dev/binderfs", "./binderfs" [pid 5196] <... ioctl resumed>) = 0 [pid 5199] <... setpgid resumed>) = 0 [pid 5196] close(3 [pid 5199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5196] <... close resumed>) = 0 [pid 5198] <... symlink resumed>) = 0 [pid 5196] close(4 [pid 5198] memfd_create("syzkaller", 0 [pid 5197] <... ioctl resumed>) = 0 [pid 5196] <... close resumed>) = 0 [pid 5194] <... open resumed>) = 5 [pid 5199] <... openat resumed>) = 3 [pid 5197] close(3 [pid 5196] mkdir("./bus", 0777 [pid 5194] ftruncate(5, 0 [pid 5199] write(3, "1000", 4 [pid 5198] <... memfd_create resumed>) = 3 [pid 5197] <... close resumed>) = 0 [pid 5196] <... mkdir resumed>) = 0 [pid 5195] <... mount resumed>) = 0 [pid 5194] <... ftruncate resumed>) = 0 [pid 5198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f6220e00000 [pid 5194] exit_group(0) = ? [pid 5194] +++ exited with 0 +++ [pid 5198] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5195] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5090] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5090] restart_syscall(<... resuming interrupted clone ...> [pid 5195] <... openat resumed>) = 3 [pid 5090] <... restart_syscall resumed>) = 0 [pid 5090] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5199] <... write resumed>) = 4 [pid 5197] close(4 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5197] <... close resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5197] mkdir("./bus", 0777 [pid 5090] <... openat resumed>) = 3 [pid 5197] <... mkdir resumed>) = 0 [pid 5090] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] getdents64(3, [pid 5199] close(3 [pid 5197] mount("/dev/loop0", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5090] <... getdents64 resumed>0x5555645e96f0 /* 4 entries */, 32768) = 104 [pid 5199] <... close resumed>) = 0 [pid 5196] mount("/dev/loop5", "./bus", "hfsplus", MS_NOEXEC|MS_RELATIME, "" [pid 5195] chdir("./bus" [pid 5090] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5199] symlink("/dev/binderfs", "./binderfs" [pid 5195] <... chdir resumed>) = 0 [pid 5199] <... symlink resumed>) = 0 [ 123.026427][ T28] audit: type=1800 audit(1713724093.368:95): pid=5194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor341" name="file1" dev="loop1" ino=20 res=0 errno=0 [pid 5199] memfd_create("syzkaller", 0 [pid 5198] <... write resumed>) = 524288 [pid 5199] <... memfd_create resumed>) = 3 [pid 5195] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5195] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5199] <... mmap resumed>) = 0x7f6220e00000 [pid 5195] symlink("./bus", "./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" [pid 5199] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5090] <... umount2 resumed>) = 0 [pid 5198] munmap(0x7f6220e00000, 138412032 [pid 5197] <... mount resumed>) = 0 [pid 5090] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5198] <... munmap resumed>) = 0 [pid 5197] openat(AT_FDCWD, "./bus", O_RDONLY|O_DIRECTORY [pid 5195] <... symlink resumed>) = 0 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] newfstatat(AT_FDCWD, "./15/bus", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] umount2("./15/bus", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5195] creat("./file2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", 000 [pid 5198] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5197] <... openat resumed>) = 3 [pid 5090] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5198] <... openat resumed>) = 4 [pid 5197] chdir("./bus"